6 matches found
Crypto <= 2.15 - Authentication Bypass
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due a to limited arbitrary method call to 'cryptoconnectajaxprocess::login' function in the 'cryptoconnectajaxprocess' function. This makes it possible for unauthenticated...
WordPress User Post Gallery <=2.19 - Remote Code Execution
WordPress User Post Gallery plugin through 2.19 is susceptible to remote code execution. The plugin does not limit which callback functions can be called by users, making it possible for an attacker execute malware, obtain sensitive information, modify data, and/or gain full control over a...
PT-2025-16078 · Unknown · Odude Flexi – Guest Submit
Name of the Vulnerable Software and Affected Versions: odude Flexi – Guest Submit versions 4.28 and earlier Description: The issue is related to an improper control of filename for include/require statement in a PHP program, also known as PHP Remote File Inclusion, which allows PHP Local File...
ODude Dir - DT
ODude DIR - DT-777 developer statement ODude Dir 1.1 updated with fixed securities issues. http://www.odude.com/main/dir/dir-log.html...
ODude Ecard - DT
ODude Ecard - DT - 777 developer statement - ODude Ecard Version 2.1 http://www.odude.com/main/odude-ecard/ecard-log.html...
ODude Profile
ODude Profile Directory Traversal vulnerability - 777 developer statement ODude Profile | 3.2 | http://www.odude.com/main/profile/profile-changelog.html ---|---|---...