WordPress plugin Geo Controller 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Geo Controller plugin <= 8.9.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Geo Controller versions = 8.9.4...

EUVD-2024-48317

Malicious code in bioql PyPI...

EUVD-2024-48316

Malicious code in bioql PyPI...

CVE-2024-7381

The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajaxshortcodecache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary...

CVE-2024-7380

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...

CVE-2024-7380

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...

CVE-2024-7380

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.6.9. This makes it possible for authenticated attackers, with...

CVE-2024-7381

CVE-2024-7381 : The WordPress plugin Geo Controller is vulnerable to unauthenticated shortcode execution due to missing authorization and capability checks on the ajax__shortcode_cache function in all versions up to and including 8.6.9. This allows unauthenticated attackers to execute arbitrary s...

CVE-2024-7380

CVE-2024-7380 — Geo Controller (WordPress) security issue : The Geo Controller plugin (WordPress) up to and including version 8.6.9 is vulnerable to unauthorized menu creation/deletion due to missing capability checks in ajax__geolocate_menu and ajax__geolocate_remove_menu. Affected product: Geo ...

WordPress Geo Controller plugin <= 8.7.3 - Multiple Missing Authorization vulnerability

Multiple Missing Authorization vulnerability discovered by Lucio Sá in WordPress Plugin Geo Controller versions = 8.7.3...

PT-2024-26777 · WordPress · Geo Controller

Name of the Vulnerable Software and Affected Versions: Geo Controller WordPress plugin versions prior to 8.6.5 Description: The issue allows unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog, due to the plugin unserializing user input via some of...

CVE-2024-30227 WordPress Geo Controller plugin <= 8.6.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue affects Geo Controller: from n/a through 8.6.4...