WordPress Login Lockdown Plugin <= 2.08 is vulnerable to Broken Access Control

Software Login Lockdown Type Plugin Vulnerable versions = 2.08 Fixed in 2.09 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1340 Patch priority Low CVSS severity Low 5.4 Developer WebFactory Ltd. PSID 5a8910b6c979 Credits Lucio Sá Required privilege...

WordPress Portfolio – WordPress Portfolio Plugin Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS)

Software Portfolio – WordPress Portfolio Plugin Type Plugin Vulnerable versions = 2.8.10 Fixed in 2.8.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23685 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 518a0520e6c9 Credit...