8 matches found
WordPress tarteaucitron.js – Cookies legislation & GDPR plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS)
Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS discovered by Julio Potier SecuPress.me in WordPress tarteaucitron.js – Cookies legislation & GDPR plugin versions = 1.5.4. Solution Update the WordPress tarteaucitron.js – Cookies legislation & GDPR plugin to the...
iThemes Security Free (< 7.9.1) & Pro (< 6.8.4) - Hide Backend Bypass
Both the iThemes Security free and pro versions were affected. - Patched in Version iThemes Security: 7.9.1 - Patched in Version iThemes Security Pro: 6.8.4 The bug allowed attackers to bypass the "Hide Backend" feature, that, when enabled, hides the WordPress wp-login.php and wp-admin pages...
WordPress iThemes Security Pro premium plugin <= 6.8.3 - Hide Backend Bypass vulnerability
Hide Backend Bypass vulnerability discovered by Julio Potier SecuPress in WordPress iThemes Security Pro premium plugin versions = 6.8.3. Solution Update the WordPress iThemes Security Pro premium plugin to the latest available version at least 6.8.4...
WordPress iThemes Security plugin <= 7.9.0 - Hide Backend Bypass vulnerability
Hide Backend Bypass vulnerability discovered by Julio Potier SecuPress in WordPress iThemes Security plugin versions = 7.9.0. Solution Update the WordPress iThemes Security plugin to the latest available version at least 7.9.1...
WordPress Newspaper premium theme <= 10.3.3 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Julio Potier Secupress in WordPress Newspaper premium theme versions = 10.3.3. Solution Update the WordPress Newspaper premium theme to the latest available version at least 10.3.4...
WordPress Contextual Adminbar Color plugin <= 0.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Julio Potier in WordPress Contextual Adminbar Color plugin versions = 0.2. Solution Update the WordPress Contextual Adminbar Color plugin to the latest available version at least 0.3...
WordPress WPS Limit Login plugin <= 1.4.5 - Stored Cross-Site Scripting (XSS) and Protection Bypass vulnerabilities
Stored Cross-Site Scripting XSS and Protection Bypass vulnerabilities found by Julio Potier in WordPress WPS Limit Login plugin versions = 1.4.5. Solution Update the WordPress WPS Limit Login plugin to the latest available version at least 1.4.6...
WordPress WPS Child Themes Generator plugin <= 1.1 - Path Traversal vulnerability
Path Traversal vulnerability found by Julio Potier in WordPress WPS Child Themes Generator plugin versions = 1.1. Solution Update the WordPress WPS Child Themes Generator plugin to the latest available version at least 1.2...