15 matches found
CVE-2026-39644 WordPress Wp Ultimate Review plugin <= 2.3.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wp Ultimate Review: from n/a through = 2.3.8...
EUVD-2023-50346
Malicious code in bioql PyPI...
WordPress plugin Wp Ultimate Review 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability
Review Score Manipulation vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...
WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Bypass Vulnerability
Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.3.0 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2024-32685 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c0b2e06cd798 Credits Kyle Sanchez Required...
WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Broken Access Control
Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32684 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0e0c02f9a698 Credits Kyle Sanchez Required...
WordPress Wp Ultimate Review Plugin <= 2.3.5 is vulnerable to Bypass Vulnerability
Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.3.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Bypass Vulnerability CVE CVE-2024-21746 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a561906d804e Credits Mika Required privilege...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...
CVE-2023-28987
CVE-2023-28987 is a CSRF vulnerability in the WordPress plugin Wp Ultimate Review (Wpmet Wp Ultimate Review) affecting versions <= 2.0.3. The issue allows an attacker to perform unintended actions on behalf of an authenticated or unauthenticated user, depending on context, due to CSRF flaws de...
WordPress Plugin Wp Ultimate Review Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2023-46085 WordPress Wp Ultimate Review Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Wpmet Wp Ultimate Review plugin = 2.2.4 versions...
WordPress Plugin Wp Ultimate Review Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Wp Ultimate Review...
CVE-2023-28751
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...
CVE-2023-28751
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...
CVE-2023-28751 WordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...