208 matches found
WordPress BackupBuddy <8.8.3 - Cross Site Scripting
WordPress BackupBuddy plugin before 8.8.3 contains a cross-site vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in various locations. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected...
WordPress PayPal Pro <1.1.65 - SQL Injection
WordPress PayPal Pro plugin before 1.1.65 is susceptible to SQL injection via the 'query' parameter which allows for any unauthenticated user to perform SQL queries with the results output to a web page in JSON format. id: CVE-2020-14092 info: name: WordPress PayPal Pro 1.1.65 - SQL Injection...
BackupBuddy - Local File Inclusion
BackupBuddy versions 8.5.8.0 - 8.7.4.1 are vulnerable to a local file inclusion vulnerability via the 'download' and 'local-destination-id' parameters. id: CVE-2022-31474 info: name: BackupBuddy - Local File Inclusion author: aringo severity: high description: BackupBuddy versions 8.5.8.0 - 8.7.4...
CVE-2026-27056
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056 WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056 WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056
The CVE-2026-27056 entry concerns the WordPress plugin StellarWP iThemes Sync (WordPress) with a Broken/Missing Authorization vulnerability in its access control. Affected software: iThemes Sync plugin versions up to and including 3.2.8. Root cause inferred from descriptions: misconfigured access...
PT-2026-20762
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
WordPress plugin iThemes Sync 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin iThemes Sync versions = 3.2.8...
CVE-2023-40001
Missing Authorization vulnerability in SolidWP iThemes Sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through 2.1.13...
CVE-2022-31474
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in iThemes BackupBuddy allows Path Traversal.This issue affects BackupBuddy: from 8.5.8.0 through 8.7.4.1...
EUVD-2015-9213
Malware in sbrugna...
EUVD-2015-9208
Malware in sbrugna...
EUVD-2015-9209
Malware in sbrugna...
EUVD-2015-9212
Malware in sbrugna...
EUVD-2015-9210
Malware in sbrugna...
EUVD-2015-9215
Malware in sbrugna...
EUVD-2015-9207
Malware in sbrugna...