WordPress RevivePress – Keep your Old Content Evergreen plugin <= 1.5.8 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin RevivePress versions = 1.5.8...

EUVD-2024-17569

Malicious code in bioql PyPI...

CVE-2024-1844

The RevivePress – Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the importdata and copydata functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated...

CVE-2024-1844

The RevivePress – Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the importdata and copydata functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated...

CVE-2024-1844 RevivePress – Keep your Old Content Evergreen <= 1.5.6 - Missing Authorization

The RevivePress – Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the importdata and copydata functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated...

CVE-2024-1844

CVE-2024-1844 (RevivePress plugin) Vulnerability in RevivePress – Keep your Old Content Evergreen for WordPress (up to version 1.5.6) due to missing capability checks in import_data and copy_data. This enables authenticated attackers with subscriber-level access or higher to view and modify plugi...

CVE-2024-1844 RevivePress – Keep your Old Content Evergreen <= 1.5.6 - Missing Authorization

The RevivePress – Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the importdata and copydata functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated...

PT-2024-18355 · WordPress · Revivepress

Name of the Vulnerable Software and Affected Versions: RevivePress – Keep your Old Content Evergreen plugin for WordPress versions up to, and including, 1.5.6 Description: The issue allows unauthorized access and modification of data due to a missing capability check on the import data and copy...

WordPress RevivePress Plugin <= 1.5.6 is vulnerable to Broken Access Control

Software RevivePress Type Plugin Vulnerable versions = 1.5.6 Fixed in 1.5.6.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1844 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1928554db9aa Credits Lucio Sá Required privilege...

WordPress Plugin RevivePress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

RevivePress < 1.5.6.1 - Subscriber+ Settings Update/Access

Description The plugin is vulnerable to unauthorized access and modification of data due to a missing capability check on the importdata and copydata functions. This makes it possible for authenticated attackers, with subscriber-level access or higher, to overwrite plugin settings and view them...

WordPress RevivePress Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software RevivePress Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e19b58dc50bd Credits Rafie Muhammad Patchstack Required...

WordPress RevivePress – Keep your Old Content Evergreen plugin < 1.3.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress RevivePress – Keep your Old Content Evergreen plugin versions 1.3.1. Solution Update the WordPress RevivePress – Keep your Old Content Evergreen plugin to the latest available version at least 1.3.1...

WordPress RevivePress – Keep your Old Content Evergreen plugin < 1.3.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress RevivePress – Keep your Old Content Evergreen plugin versions 1.3.1. Solution Update the WordPress RevivePress – Keep your Old Content Evergreen plugin to the latest available version at least 1.3.1...