20 matches found
CVE-2023-49753
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a before 3.1.4...
EUVD-2023-53676
Malicious code in bioql PyPI...
EUVD-2024-51564
Malicious code in bioql PyPI...
CVE-2024-13375
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifierrecover function. Th...
CVE-2024-13375
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifierrecover function. Th...
CVE-2024-13375 Adifier System <= 3.1.7 - Unauthenticated Arbitrary Password Reset
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifierrecover function. Th...
CVE-2024-13375 Adifier System <= 3.1.7 - Unauthenticated Arbitrary Password Reset
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifierrecover function. Th...
CVE-2024-13375
CVE-2024-13375 concerns the Adifier System plugin for WordPress. Vulnerability: unauthenticated attackers can escalate privileges by taking over accounts (including administrators) via adifier_recover(), exploiting insufficient identity validation when updating passwords. Affected versions: all u...
PT-2025-2140 · WordPress · Adifier System
Name of the Vulnerable Software and Affected Versions: Adifier System plugin for WordPress versions up to, and including, 3.1.7 Description: The issue arises from the plugin's failure to properly validate a user's identity before updating their details, such as passwords, through the adifier...
WordPress plugin Adifier System 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Adifier System plugin <= 3.1.7 - Unauthenticated Arbitrary Password Reset vulnerability
Unauthenticated Arbitrary Password Reset vulnerability discovered by Tonn in WordPress Plugin Adifier System versions = 3.1.7...
CVE-2023-49753
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a before 3.1.4...
CVE-2023-49753 WordPress Adifier System plugin < 3.1.4 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a before 3.1.4...
CVE-2023-49753 WordPress Adifier System plugin < 3.1.4 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a before 3.1.4...
WordPress plugin Adifier System 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in th...
CVE-2023-49187 WordPress Adifier System Plugin < 3.1.4 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spoonthemes Adifier - Classified Ads WordPress Theme allows Reflected XSS.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4...
Adifier System < 3.1.4 - Unauthenticated Local File Inclusion
Description The Adifier System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to 3.1.4 exclusive. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This c...
WordPress Adifier System Plugin < 3.1.4 is vulnerable to Local File Inclusion
Software Adifier System Type Plugin Vulnerable versions 3.1.4 Fixed in 3.1.4 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2023-49753 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 193f6f83729d Credits RE-ALTER Required privilege Unauthenticated...
WordPress Adifier System Plugin < 3.1.4 is vulnerable to SQL Injection
Software Adifier System Type Plugin Vulnerable versions 3.1.4 Fixed in 3.1.4 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-49752 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID bdbcb39edd4b Credits RE-ALTER Required privilege Unauthenticated...
WordPress Adifier System Plugin < 3.1.4 is vulnerable to Cross Site Scripting (XSS)
Software Adifier System Type Plugin Vulnerable versions 3.1.4 Fixed in 3.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49187 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a67ee23d6891 Credits RE-ALTER Required privilege...