5 matches found
WordPress WordPress Review Plugin plugin <= 5.3.5 - Authenticated (Contributor+) Local File Inclusion via Post Custom Fields vulnerability
Authenticated Contributor+ Local File Inclusion via Post Custom Fields vulnerability discovered by Hiroho Shimada in WordPress Plugin WordPress Review Plugin versions = 5.3.5...
WordPress HUSKY plugin <= 1.3.6.5 - Unauthenticated Local File Inclusion vulnerability
Unauthenticated Local File Inclusion vulnerability discovered by Hiroho Shimada in WordPress Plugin HUSKY versions = 1.3.6.5...
$937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin
🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 25th, 2024, during our second Bug Bounty Extravaganza...
WordPress MasterStudy LMS Plugin <= 3.3.3 is vulnerable to Local File Inclusion
Software MasterStudy LMS Type Plugin Vulnerable versions = 3.3.3 Fixed in 3.3.4 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3136 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 0e613f9f337e Credits Hiroho Shimada Required privilege...
WordPress MasterStudy LMS Plugin <= 3.3.1 is vulnerable to Privilege Escalation
Software MasterStudy LMS Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-2409 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 8dbe36bee6fd Credits Hiroho...