WordPress KKProgressbar2 Free plugin <= 1.1.4.2 - Progress Bar Deletion via CSRF vulnerability

Progress Bar Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin KKProgressbar2 Free versions = 1.1.4.2...

WordPress KKProgressbar2 Free plugin <= 1.1.4.2 - Stored XSS via CSRF vulnerability

Stored XSS via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin KKProgressbar2 Free versions = 1.1.4.2...

WordPress KKProgressbar2 Free plugin <= 1.1.4.2 - Admin+ SQL Injection vulnerability

Admin+ SQL Injection vulnerability discovered by Bob Matyas in WordPress Plugin KKProgressbar2 Free versions = 1.1.4.2...

CVE-2024-4534

CVE-2024-4534 affects KKProgressbar2 Free WordPress plugin (versions

WordPress plugin KKProgressbar2 Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-31574 · WordPress · Kkprogressbar2 Free

Name of the Vulnerable Software and Affected Versions: KKProgressbar2 Free WordPress plugin versions 1.1.4.2 and earlier Description: The issue allows admin users to perform SQL injection attacks due to the lack of sanitization and escaping of a parameter before using it in a SQL statement...

WordPress plugin KKProgressbar2 Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress KKProgressbar2 Free Plugin <= 1.1.4.2 is vulnerable to SQL Injection

Software KKProgressbar2 Free Type Plugin Vulnerable versions = 1.1.4.2 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4533 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 7e1076893ab0 Credits Bob Matyas Required privilege Administrator...

PT-2024-31575 · WordPress · Kkprogressbar2 Free

Name of the Vulnerable Software and Affected Versions: KKProgressbar2 Free WordPress plugin versions 1.1.4.2 and earlier Description: The issue concerns the lack of CSRF checks in certain areas and missing sanitization as well as escaping. This could allow attackers to make logged-in admins add...

PT-2024-31578 · WordPress · Kkprogressbar2 Free

Name of the Vulnerable Software and Affected Versions: KKProgressbar2 Free WordPress plugin versions 1.1.4.2 and earlier Description: The issue concerns the lack of CSRF checks in certain areas, potentially allowing attackers to trick logged-in users into performing unintended actions through CSR...

WordPress plugin KKProgressbar2 Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

KKProgressbar2 Free <= 1.1.4.2 - Progress Bar Deletion via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks Make a logged in admin open an HTML file containing where is a valid ID: "...