6 matches found
EUVD-2019-7653
Malware in sbrugna...
WordPress IgniteUp Arbitrary File Deletion Vulnerability
The WordPress plugin IgniteUp is used to create "Coming Soon" and "Maintenance" mode pages. An arbitrary file deletion vulnerability exists in includes/class-coming-soon-creator.php in IgniteUp 3.4 and earlier versions. An attacker can exploit this vulnerability to delete arbitrary files...
CVE-2019-17236
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS...
CVE-2019-17234
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion...
CVE-2019-17237
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF...
CVE-2019-17235
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure...