5 matches found
PT-2026-26965
The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the isDashboardOrProfileRequest method in the Menu Editor module using an insecure strpos check against $ SERVER'REQUEST URI' t...
WordPress Redirection for Contact Form 7 plugin <= 3.2.4 - Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability
Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Redirection for Contact Form 7 versions = 3.2.4...
WordPress plugin Houzez 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-1831 · Vitalpbx · Vitalpbx
Name of the Vulnerable Software and Affected Versions: VitalPBX versions 3.2.4 through 3.2.5 Description: The issue is related to insufficient protection of service data when processing a script from the /var/lib/vitalpbx directory, allowing an attacker to execute arbitrary code via a crafted...
@pl-test/c (>=1.1.0 <=1.1.1), @pl-test/e (=1.1.0) +6 more potentially affected by CVE-2020-28494 via total.js (>=3.2.4 <=3.4.13)
total.js NPM version =3.2.4, =1.1.0, =0.3.0, =4.0.0, =1.0.0, =0.0.1, =0.0.4 Source cves: CVE-2020-28494 Source advisory: SNYK:JS-TOTALJS-1046672...