5 matches found
WordPress Advanced Custom Fields: Extended plugin <= 0.9.2.3 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Kishan Vyas in WordPress Plugin ACF Extended versions = 0.9.2.3...
WordPress Everest Forms Pro plugin <= 1.9.10 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Kishan Vyas in WordPress Plugin Everest Forms Pro versions = 1.9.10...
WordPress GiveWP plugin <= 4.13.1 - Arbitrary Shortocde Execution vulnerability
Arbitrary Shortocde Execution vulnerability discovered by Kishan Vyas in WordPress Plugin GiveWP versions = 4.13.1...
WordPress Classified Listing plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing Description vulnerability
Authenticated Subscriber+ Arbitrary Shortcode Execution via Listing Description vulnerability discovered by Kishan Vyas in WordPress Plugin Classified Listing versions = 5.0.3...
WordPress Featured Image Plus plugin <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Featured Image Update vulnerability
Missing Authorization to Authenticated Subscriber+ Featured Image Update vulnerability discovered by Kishan Vyas in WordPress Plugin Featured Image Plus versions = 1.6.4...