4 matches found
WordPress Newscrunch theme <= 1.8.4 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability
Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Gibran Abdillah in WordPress Theme Newscrunch versions = 1.8.4...
WordPress BookingPress Plugin 1.1.6 - 1.1.7 is vulnerable to Broken Authentication
Software BookingPress Type Plugin Vulnerable versions 1.1.6 - 1.1.7 Fixed in 1.1.8 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-7350 Patch priority Low CVSS severity Low 10 Developer Claim ownership PSID a00d0a9226a3 Credits Gibran Abdillah Required...
WordPress Salon Booking System plugin <= 10.2 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Gibran Abdillah in WordPress Plugin Salon booking system versions = 10.2...
WordPress Jquery Validation For Contact Form 7 plugin <= 5.2 - Arbitrary Options Update via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary Options Update via Cross-Site Request Forgery CSRF vulnerability discovered by Gibran Abdillah in WordPress Jquery Validation For Contact Form 7 plugin versions = 5.2. Solution Update the WordPress Jquery Validation For Contact Form 7 plugin to the latest available version at least 5.3...