585 matches found
WordPress plugin Download Manager 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...
WordPress WP Simple Pay Lite Manager Plugin <= 1.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin WP Simple Pay Lite Manager versions = 1.4...
CVE-2023-50373 WordPress Alt Manager plugin <= 1.6.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPSAAD Alt Manager alt-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alt Manager: from n/a through = 1.6.1...
WordPress plugin Alt Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress plugin JS Job Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WP Project Manager plugin <= 2.6.26 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Joshua Martinelle in WordPress Plugin WP Project Manager versions = 2.6.26...
WordPress plugin WP User Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-10520
CVE-2024-10520 (WP Project Manager, WordPress) The WP Project Manager plugin (v2.6.14 and earlier) is vulnerable to unauthorized data modification due to a missing capability check in Create_Milestone, Create_Task_List, Create_Task, and Delete_Task. This allows unauthenticated remote actors to cr...
WordPress plugin WP Project Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-39017 · WordPress · Download Manager
Name of the Vulnerable Software and Affected Versions: Download Manager WordPress plugin versions prior to 3.3.00 Description: The issue is related to the Download Manager WordPress plugin, where some shortcode parameters are not properly sanitized, leading to cross-site scripting. Recommendation...
WordPress plugin Download Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Smart Manager Plugin <= 8.45.0 is vulnerable to Broken Access Control
Software Smart Manager Type Plugin Vulnerable versions = 8.45.0 Fixed in 8.46.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-49687 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4f61d787da04 Credits Ananda Dhakal Patchstack...
WordPress MAS Companies For WP Job Manager plugin <= 1.0.13 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin MAS Companies For WP Job Manager versions = 1.0.13...
VulnCheck KEV: CVE-2018-25105
The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in the /inc/root.php file in versions up to, and including, 3.0. This makes it possible for unauthenticated attackers to download arbitrary files from the server and upload arbitrary...
WordPress plugin GDPR-Extensions-com-Consent Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress House Manager plugin <= 1.0.8.4 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin House Manager versions = 1.0.8.4...
CVE-2024-3973
The House Manager WordPress plugin through 1.0.8.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress House Manager Plugin <= 1.0.8.4 is vulnerable to Cross Site Scripting (XSS)
Software House Manager Type Plugin Vulnerable versions = 1.0.8.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3973 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cf2e1703476c Credits Bob Matyas Required...
WordPress Zephyr Project Manager plugin < 3.3.99 - Editor+ stored XSS vulnerability
Editor+ stored XSS vulnerability discovered by Adrian Peña Barragan in WordPress Plugin Zephyr Project Manager versions 3.3.99...
PT-2024-37476 · WordPress · Pz Frontend Manager
Name of the Vulnerable Software and Affected Versions: PZ Frontend Manager WordPress plugin versions prior to 1.0.6 Description: The issue concerns a lack of CSRF checks in certain areas, potentially allowing attackers to trick logged-in users into performing unintended actions through CSRF...