CVE-2024-12316

The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportpopupaction function in all versions up to, and including, 4.8.5. This makes it possible for unauthenticated attackers to export popup templates...

WordPress WP Easy Gallery plugin <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter vulnerability

Authenticated Contributor+ SQL Injection via key Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Easy Gallery versions = 4.8.5...