2 matches found
PT-2024-35124 · Tagdiv · Tagdiv Composer
Name of the Vulnerable Software and Affected Versions: tagDiv Composer plugin for WordPress versions up to, and including, 5.0 Description: The issue is related to Reflected Cross-Site Scripting via the envato code parameter due to insufficient input sanitization and output escaping within the on...
PT-2024-34664 · WordPress · Login With Phone Number
Name of the Vulnerable Software and Affected Versions: Login with phone number plugin for WordPress versions up to 1.7.26 Description: The issue is related to authentication bypass due to the activation code default value being empty and a missing not empty check in the lwp ajax register function...