4 matches found
WordPress Giveaway plugin <= 1.2.2 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability discovered by Mesut Cetin in WordPress Giveaway plugin versions = 1.2.2. Solution This plugin has been closed as of July 1, 2021 and is not available for download. This closure is temporary, pending a full review...
WordPress Include Me plugin <= 1.2.1 - Path traversal and Local File Inclusion (LFI) vulnerability leading to Remote Code Execution (RCE)
Path traversal and Local File Inclusion LFI vulnerability leading to Remote Code Execution RCE discovered by Mesut Cetin in WordPress Include Me plugin versions = 1.2.1. Solution Update the WordPress Include Me plugin to the latest available version at least 1.2.2...
WordPress Visitors plugin <= 0.3 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Mesut Cetin in WordPress Visitors plugin versions = 0.3. Solution This plugin has been closed as of May 26, 2021 and is not available for download. This closure is temporary, pending a full review...
WordPress Cookie Law Bar plugin <= 1.2.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Mesut Cetin in WordPress Cookie Law Bar plugin versions = 1.2.1. Solution 2021 May 27th, no information about the patched version available, the last update released 4 years ago...