2 matches found
PT-2021-15895 · WordPress · The Plus Addons For Elementor Page Builder
Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder WordPress plugin versions prior to 4.1.11 Description: The issue allows an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site, as the plugin did n...
Spree Authorization Issues Vulnerability
Spree is a personal developer of an open source mall developed using Ruby on Rails. An authorization issue vulnerability exists in Spree version 3.7.11, version 4.0.4, and versions prior to 4.1.11, which stems from an expired user token that can be used to access the storefront API v2 endpoint. A...