Lucene search
K

8 matches found

Patchstack
Patchstack
added 2021/12/09 12:0 a.m.22 views

WordPress tarteaucitron.js – Cookies legislation & GDPR plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS discovered by Julio Potier SecuPress.me in WordPress tarteaucitron.js – Cookies legislation & GDPR plugin versions = 1.5.4. Solution Update the WordPress tarteaucitron.js – Cookies legislation & GDPR plugin to the...

8.8CVSS2.6AI score0.00492EPSS
Exploits1References2Affected Software1
wpexploit
wpexploit
added 2021/04/21 12:0 a.m.319 views

iThemes Security Free (< 7.9.1) & Pro (< 6.8.4) - Hide Backend Bypass

Both the iThemes Security free and pro versions were affected. - Patched in Version iThemes Security: 7.9.1 - Patched in Version iThemes Security Pro: 6.8.4 The bug allowed attackers to bypass the "Hide Backend" feature, that, when enabled, hides the WordPress wp-login.php and wp-admin pages...

7.4AI score
Exploits0References2
Patchstack
Patchstack
added 2021/04/21 12:0 a.m.8 views

WordPress iThemes Security Pro premium plugin <= 6.8.3 - Hide Backend Bypass vulnerability

Hide Backend Bypass vulnerability discovered by Julio Potier SecuPress in WordPress iThemes Security Pro premium plugin versions = 6.8.3. Solution Update the WordPress iThemes Security Pro premium plugin to the latest available version at least 6.8.4...

2.3AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2021/04/21 12:0 a.m.15 views

WordPress iThemes Security plugin <= 7.9.0 - Hide Backend Bypass vulnerability

Hide Backend Bypass vulnerability discovered by Julio Potier SecuPress in WordPress iThemes Security plugin versions = 7.9.0. Solution Update the WordPress iThemes Security plugin to the latest available version at least 7.9.1...

1.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/06/03 12:0 a.m.9 views

WordPress Newspaper premium theme <= 10.3.3 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Julio Potier Secupress in WordPress Newspaper premium theme versions = 10.3.3. Solution Update the WordPress Newspaper premium theme to the latest available version at least 10.3.4...

2.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/01/29 12:0 a.m.11 views

WordPress Contextual Adminbar Color plugin <= 0.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Julio Potier in WordPress Contextual Adminbar Color plugin versions = 0.2. Solution Update the WordPress Contextual Adminbar Color plugin to the latest available version at least 0.3...

2.3AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2019/07/24 12:0 a.m.14 views

WordPress WPS Limit Login plugin <= 1.4.5 - Stored Cross-Site Scripting (XSS) and Protection Bypass vulnerabilities

Stored Cross-Site Scripting XSS and Protection Bypass vulnerabilities found by Julio Potier in WordPress WPS Limit Login plugin versions = 1.4.5. Solution Update the WordPress WPS Limit Login plugin to the latest available version at least 1.4.6...

2.4AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2019/07/24 12:0 a.m.14 views

WordPress WPS Child Themes Generator plugin <= 1.1 - Path Traversal vulnerability

Path Traversal vulnerability found by Julio Potier in WordPress WPS Child Themes Generator plugin versions = 1.1. Solution Update the WordPress WPS Child Themes Generator plugin to the latest available version at least 1.2...

2.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder