WordPress AnyWhere Elementor Plugin < 1.2.8 is vulnerable to Sensitive Data Exposure

Software AnyWhere Elementor Type Plugin Vulnerable versions 1.2.8 Fixed in 1.2.8 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0443 Patch priority Low CVSS severity Low 5 Developer WPVibes PSID 5959639f04b8 Credits Sanjay Das Required privilege...

WordPress WP ALL Export Pro plugin <= 1.7.8 - Authenticated Code Injection vulnerability

Authenticated Code Injection vulnerability discovered by Sanjay Das in WordPress WP ALL Export Pro plugin versions = 1.7.8. Solution Update the WordPress WP ALL Export Pro plugin to the latest available version at least 1.7.9...

WordPress WP ALL Export Pro premium plugin <= 1.7.8 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Sanjay Das in WordPress WP ALL Export Pro premium plugin versions = 1.7.8. Solution Update the WordPress WP ALL Export Pro plugin to the latest available version at least 1.7.9...

WordPress Import all XML, CSV & TXT plugin <= 6.5.7 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Sanjay Das in WordPress Import all XML, CSV & TXT plugin versions = 6.5.7. Solution Update the WordPress WP Ultimate CSV Importer plugin to the latest available version at least 6.5.8...