2 matches found
PT-2025-4924 · Unknown · Custom Post Type Lockdown
Name of the Vulnerable Software and Affected Versions: Custom Post Type Lockdown versions prior to 1.11 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows privilege escalation. This means an attacker can trick a user into performing unintended actions on a web...
Vik Rent Car 1.10 and previous
Vik Rent Car 1.10 and previous, SQL injection Resolution: update to 1.11 Update notice: https://extensionsforjoomla.com/blog/12-updates/46-security-notices-sql-injection-reports...