3 matches found
WordPress ParallaxSome theme <= 1.3.6 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress ParallaxSome theme versions = 1.3.6. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...
WordPress ParallaxSome theme <= 1.3.6 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress ParallaxSome theme versions = 1.3.6. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...
WordPress ParallaxSome theme <= 1.3.6 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress ParallaxSome theme versions = 1.3.6. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignore...