2 matches found
PT-2022-24569 · WordPress · The Car Dealer (Dealership)/Vehicle Sales Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: The Car Dealer Dealership and Vehicle sales WordPress Plugin versions prior to 3.05 Description: The issue is related to improper authorization and CSRF in an AJAX action. This allows any authenticated users, such as subscribers, to call the...
PT-2022-21090 · WordPress · Soledad
Name of the Vulnerable Software and Affected Versions: Soledad WordPress theme versions prior to 8.2.5 Description: The issue arises from the lack of sanitization of certain parameters, including id and datafiltertype, in the penci more slist post ajax AJAX action. This leads to a Reflected...