7 matches found
WordPress Login As Users plugin <= 1.4.2 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by John Blackbourn Patchstack Alliance in WordPress Plugin Login As Users versions = 1.4.2...
WordPress Login As Users Plugin <= 1.4.2 is vulnerable to Privilege Escalation
Software Login As Users Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A5: Security Misconfiguration Classification Privilege Escalation CVE CVE-2024-43311 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 61576dd70a4f Credits John Blackbourn Required...
WordPress Gutenberg plugin 12.9.0-18.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Avatar Block vulnerability discovered by John Blackbourn in WordPress Plugin Gutenberg versions 12.9.0-18.0.0...
WordPress Core <= 6.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Via Avatar Block vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting Via Avatar Block vulnerability discovered by John Blackbourn in WordPress core versions = 6.5.0...
GHSA-9XVF-CJVF-FF5Q WP Crontrol vulnerable to possible RCE when combined with a pre-condition
Impact WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability in this feature on its own, there exists potential f...
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by John Blackbourn in WordPress versions = 6.0.1 Solution Update the WordPress to the latest available version at least 6.0.2 or another patched version...
[SECURITY] [DSA 3085-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3085-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 03, 2014 http://www.debian.org/security/faq -...