23 matches found
WordPress Post to CSV by BestWebSoft plugin <= 1.4.0 - Authenticated CSV Injection vulnerability
Authenticated CSV Injection vulnerability discovered by Francesco Carlucci in WordPress Post to CSV by BestWebSoft plugin versions = 1.4.0. Solution Deactivate and delete. This plugin has been closed as of September 28, 2022 and is not available for download. This closure is temporary, pending a...
WordPress BestWebSoft plugin denial of service vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress BestWebSoft...
Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass
Overview Google Captcha reCAPTCHA by BestWebSoft is a plugin for WordPress. Google Captcha reCAPTCHA by BestWebSoft contains a CAPTCHA authentication bypass vulnerability CWE-254. Impact If this vulnerability is exploited, an attacker may be able to successfully login to WordPress and access an...