Wordpress plugin Controlled Admin Access 访问控制错误漏洞

WordPress Plugin is an open source application plugin for WordPress. A security vulnerability exists in multiple Wordpress plugins that allows an attacker to use this endpoint to add arbitrary data to predefined options in the wpoptions table. The following products and versions are affected: The...

VulnCheck KEV: CVE-2021-24220

Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared...

WordPress Focusblog premium theme <= 1.97 - Unauthenticated Arbitrary File Upload and Option Deletion

Unauthenticated Arbitrary File Upload and Option Deletion discovered by WordFence in WordPress Focusblog premium theme versions = 1.97. Solution Update the WordPress Focusblog premium theme to the latest available version at least 2.0.0...