5 matches found
WordPress plugin Booking & Appointment Plugin for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-4898
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for unauthenticated attackers to connect the site ...
Exploit for Missing Authorization in Cookieinformation Wp-Gdpr-Compliance
CVE-2023-6700 Cookie Information | Free GDPR Consent Solution...
CVE-2023-3124
The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the updatepageoption function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update...
CVE-2023-3124 Elementor Pro <= 3.11.6 - Authenticated(Subscriber+) Privilege Escalation via update_page_option
The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the updatepageoption function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update...