29 matches found
CVE-2019-15816
The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via savesettingspage and other save functions...
CVE-2019-15816
The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via savesettingspage and other save functions...
Design/Logic Flaw
The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via savesettingspage and other save functions...
CVE-2019-15816
The CVE-2019-15816 entry concerns the WordPress plugin wp-private-content-plus. Connected sources confirm that versions before 2.0 allow option changes via save_settings_page and other save_ functions without proper protection, enabling unauthenticated modification of plugin options. The vulnerab...
CVE-2019-15816
The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via savesettingspage and other save functions...
WordPress stops-core-theme-and-plugin-updates plugin has unspecified vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. stops-core-theme-and-plugin-updates is an update management plugin that is used to manage updates to WordPress and its related plugins...
CVE-2019-15650
The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes such as disabling unattended theme updates because of a nonce check error...
WordPress Simple 301 Redirects Addon Bulk Uploader plugin <= 1.2.4 - Unauthenticated option changes and other security issues
Unauthenticated option changes and other security issues found by Jerome Bruandet Nintechnet in WordPress Simple 301 Redirects Addon Bulk Uploader plugin versions = 1.2.4. Solution Update the WordPress Simple 301 Redirects Addon Bulk Uploader plugin to the latest available version at least 1.2.5...
Simple 301 Redirects Addon Bulk Uploader <= 1.2.4 - Multiple Issues
Unauthenticated option changes vulnerability that could allow an attacker to redirect all pages and posts of the blog to a malicious website, as well as an authenticated options export/deletion vulnerability...