15 matches found
EUVD-2022-24942
Malicious code in bioql PyPI...
CVE-2022-1656
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
Path traversal
Vulnerable versions of the Jupiter = 6.10.1 and JupiterX = 2.0.6 Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterxcploadpaneaction AJAX action present in the...
CVE-2022-1656
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
CVE-2022-1656
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
Design/Logic Flaw
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
CVE-2022-1657 JupiterX Theme <= 2.0.6 and Jupiter Theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion
Vulnerable versions of the Jupiter = 6.10.1 and JupiterX = 2.0.6 Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterxcploadpaneaction AJAX action present in the...
CVE-2022-1657 JupiterX Theme <= 2.0.6 and Jupiter Theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion
Vulnerable versions of the Jupiter = 6.10.1 and JupiterX = 2.0.6 Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterxcploadpaneaction AJAX action present in the...
CVE-2022-1656
CVE-2022-1656 affects JupiterX Theme and JupiterX Core Plugin (versions
CVE-2022-1656 JupiterX Theme <= 2.0.6 and JupiterX Core <= 2.0.6 - Authenticated Arbitrary Plugin Deactivation and Settings Modification
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
CVE-2022-1656 JupiterX Theme <= 2.0.6 and JupiterX Core <= 2.0.6 - Authenticated Arbitrary Plugin Deactivation and Settings Modification
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
WordPress JupiterX Theme和Jupiter Theme路径遍历漏洞
WordPress and others are products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress JupiterX Theme and Jupiter Theme suffer from a path traversal vulnerability that can be exploited by...
PT-2022-14027 · Unknown · Jupiter Theme +1
Name of the Vulnerable Software and Affected Versions: JupiterX Theme versions =2.0.6 JupiterX Core Plugin versions =2.0.6 Description: The issue allows any logged-in user to access functions registered in "lib/api/api/ajax.php", including jupiterx api ajax actions. This grants the ability to...
JupiterX Core 安全漏洞
JupiterX Core is a Wordpress Advanced View plugin. WordPress JupiterX Theme and JupiterX Core Plugin are vulnerable to an access control error that could be exploited by attackers to compromise site security or functionality...
JupiterX Theme 路径遍历漏洞
WordPress and others are products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress JupiterX Theme and Jupiter Theme suffer from a path traversal vulnerability that can be exploited by...