CVE-2022-43491

Cross-Site Request Forgery CSRF vulnerability in Advanced Dynamic Pricing for WooCommerce plugin = 4.1.5 on WordPress leading to plugin settings import...

iQ Block Country < 1.2.13 - Admin+ Arbitrary File Deletion via Zip Slip

The settings of the plugin can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process,...