WordPress W3 Total Cache plugin <= 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/Deactivation vulnerability

WordPress W3 Total Cache plugin = 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/Deactivation vulnerability discovered by villu164 in WordPress Plugin W3 Total Cache versions = 2.8.1...

$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 14th, researchers can earn up to $31,200, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, an...

WordPress wpDataTables - Tables & Table Charts (Premium) plugin <= 6.3.2 - Missing Authorization to DataTable Access & Modification vulnerability

WordPress wpDataTables - Tables & Table Charts Premium plugin = 6.3.2 - Missing Authorization to DataTable Access & Modification vulnerability discovered by villu164 in WordPress Plugin wpDataTables versions = 6.3.2...

WordPress Tutor LMS plugin <= 2.7.0 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by villu164 in WordPress Plugin Tutor LMS versions = 2.7.0...

WordPress Tutor LMS Pro plugin <= 2.7.0 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by villu164 in WordPress Plugin Tutor LMS Pro versions = 2.7.0...

WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Privilege Escalation

Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-4351 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID fc3d215c9303 Credits villu164...

WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4352 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 7694afbc9e58 Credits villu164 Required privilege...