EUVD-2015-3672

Malware in sbrugna...

WordPress plugin ZoxPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-3237 ConvertPlug <= 3.5.25 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update

The ConvertPlug plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the cpdismissnotice function in all versions up to, and including, 3.5.25. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

CVE-2024-1385 WP-Stateless – Google Cloud Storage <= 3.4.0 - Missing Authorization to Limited Arbitrary Options Update

The WP-Stateless – Google Cloud Storage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the dismissnotices function in all versions up to, and including, 3.4.0. This makes it possible for authenticated attackers, with subscriber-level access an...

CVE-2024-1385

The CVE refers to WP-Stateless (Google Cloud Storage) for WordPress, with a missing capability check in dismiss_notices() that affects all versions up to 3.4.0. The vulnerability allows authenticated users with subscriber-level access and above to update arbitrary option values to the current tim...

CVE-2019-6703

Incorrect access control in miglaajaxfunctions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. These attackers can send requests to wp-admin/admin-ajax.php to call...