11 matches found
pantry
▄▄ ▄▄ ▄█▀▀█▄ █▄ █...
CVE-2024-9889
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. This makes it possible for authenticated attackers, with contributor-level access and above, to view...
CVE-2024-9889
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. This makes it possible for authenticated attackers, with contributor-level access and above, to view...
CVE-2024-9889
CVE-2024-9889 affects ElementInvader Addons for Elementor (WordPress). The vulnerability allows authenticated attackers with contributor-level access and above to perform Sensitive Information Exposure via the Page Loader widget, enabling viewing of private/draft/password-protected posts, pages, ...
PT-2024-39915 · WordPress · Elementinvader Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor plugin for WordPress versions up to, and including, 1.2.9 Description: The issue allows authenticated attackers with contributor-level access and above to view private, draft, and password-protected posts,...
WordPress Advanced AJAX Page Loader Plugin <= 2.7.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Advanced AJAX Page Loader Type Plugin Vulnerable versions = 2.7.7 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6310 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID b14ebfbe3313 Credits István Márto...
WordPress plugin Advanced AJAX Page Loader security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2016-10929
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in...
CVE-2016-10929
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in...
CVE-2016-10929
The CVE-2016-10929 entry concerns the WordPress plugin “advanced-ajax-page-loader” prior to version 2.7.7. The vulnerability is that there is no protection against reading uploaded files when the user is not logged in, enabling unauthenticated access to uploaded content. The available connected d...
WordPress Advanced AJAX Page Loader plugin <= 2.7.4 - Arbitrary File Upload Vulnerability
WordPress Advanced AJAX Page Loader plugin = 2.7.4 is prone to An Arbitrary File Upload Vulnerability. The vulnerability allows an attacker to upload an arbitrary file. When you access /wp-admin/admin-post.php page, the function adminmenuAAPL is caused to run. This function calls...