56 matches found
CVE-2024-31367
Technical details for CVE-2024-31367 are not provided in the supplied documents. Current records only note a missing authorization vulnerability affecting PenciDesign Soledad up to version 8.4.2; monitor for official updates, patches, and affected releases.
CVE-2024-31367 WordPress Soledad theme <= 8.4.2 - Authenticated Broken Access Control vulnerability
Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2...
PT-2024-24012 · Pencidesign · Soledad
Name of the Vulnerable Software and Affected Versions: Soledad versions through 8.4.2 Description: The issue is related to a Missing Authorization vulnerability in PenciDesign Soledad. Recommendations: For Soledad versions through 8.4.2, at the moment, there is no information about a newer versio...
PT-2024-24014 · Pencidesign · Pencidesign Soledad
Name of the Vulnerable Software and Affected Versions: PenciDesign Soledad versions through 8.4.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web application...
PT-2024-24013 · Pencidesign · Pencidesign Soledad
Name of the Vulnerable Software and Affected Versions: PenciDesign Soledad versions through 8.4.2 Description: A Missing Authorization issue affects the software. Recommendations: For versions through 8.4.2, update to a version newer than 8.4.2 to resolve the issue...
CVE-2023-49826
Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
CVE-2023-49826
Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
CVE-2023-49826 WordPress Soledad Theme <= 8.4.1 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
CVE-2023-49826
CVE-2023-49826 corresponds to a deserialization of untrusted data vulnerability in the Soledad WordPress theme (versions up to 8.4.1). Root cause: PHP Object Injection via untrusted data deserialization. Impact: unauthenticated remote code execution/total compromise potential on affected sites. A...
CVE-2023-49825
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
CVE-2023-49825
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...
CVE-2023-49825
CVE-2023-49825 concerns an SQL Injection in the Soledad WordPress Theme (Soledad – Multipurpose, Newspaper, Blog & WooCommerce) by PenciDesign. Affected versions are 8.4.1 and earlier (described as n/a to 8.4.1). Root cause: improper neutralization/escaping of input elements used in SQL queries. ...
CVE-2023-49827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from...
CVE-2023-49827
CVE-2023-49827 affects the Soledad WordPress theme (multipurpose/Soledad) up to version 8.4.1, enabling Reflected XSS due to improper input handling in web page generation. The Red Hat and Patchstack entries corroborate the vulnerability and list 8.4.2 as the fixed version. Recommended remediatio...