64 matches found
WordPress plugin ARPrice SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
WordPress plugin ARPrice 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2025-2843
Name of the Vulnerable Software and Affected Versions ARPrice versions n/a through 4.0.3 Description The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This enables attackers to inject malicious...
PT-2025-2840 · Arprice · Arprice
Name of the Vulnerable Software and Affected Versions: NotFound ARPrice versions n/a through 4.0.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for the injection of SQL code, potentially...
WordPress plugin ARPrice 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2025-2841 · Arprice · Arprice
Name of the Vulnerable Software and Affected Versions: ARPrice versions n/a through 4.0.3 Description: The issue is related to the deserialization of untrusted data, which allows object injection in the ARPrice software. This problem can be exploited via the deserialization of untrusted data,...
WordPress plugin ARPrice SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
WordPress plugin ARPrice 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
PT-2025-2842 · Arprice · Arprice
Name of the Vulnerable Software and Affected Versions: ARPrice versions n/a through 4.0.3 Description: The issue is related to the deserialization of untrusted data, which allows object injection in NotFound ARPrice. Recommendations: For versions n/a through 4.0.3, at the moment, there is no...
WordPress ARPrice 4.0.3 PHP Object Injection
WordPress ARPrice plugin versions 4.0.3 and below suffer from an authenticated PHP object injection vulnerability. CVE-2024-49699 ARPrice = 4.0.3 - Authenticated Subscriber+ PHP Object Injection Description The ARPrice plugin for WordPress is vulnerable to PHP Object Injection in versions up to,...
Exploit for CVE-2024-49699
CVE-2024-49699 ARPrice...
WordPress ARPrice plugin <= 4.1.3 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...
WordPress ARPrice plugin <= 4.1.3 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...
WordPress ARPrice plugin <= 4.1.3 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...
WordPress ARPrice plugin <= 4.1.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...
WordPress ARPrice plugin <= 4.1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin ARPrice versions = 4.1.3...
CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi
The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...
The vulnerability of the ARPrice Lite plugin of the WordPress content management system allows a hacker to perform a CSRF attack.
The vulnerability of the ARPrice Lite plugin of the WordPress content management system is related to insufficient protection when entering CSRF requests. Exploiting this vulnerability can allow a remote attacker to execute a CSRF attack...
WordPress ARPrice Lite plugin cross-site request forgery vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the core/views/arpriceimportexport.php file in version 2.2 of the WordPr...
CVE-2019-14679
core/views/arpriceimportexport.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arpliteimportexport CSRF...