876 matches found
WordPress AI Infographic Maker plugin <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Infographic Maker – iList versions = 4.9.0...
WordPress WooCommerce Product Table Lite plugin <= 3.9.4 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting vulnerability
Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting vulnerability discovered by mikemyers in WordPress Plugin WooCommerce Product Table Lite versions = 3.9.4...
CVE-2024-13453
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13453 Contact Form & SMTP Plugin for WordPress by PirateForms <= 2.6.0 - Unauthenticated Arbitrary Shortcode Execution
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13453
CVE-2024-13453 – WordPress PirateForms plugin vulnerability (CVE summary) The WordPress plugin “Contact Form & SMTP Plugin for WordPress by PirateForms” (up to version 2.6.0) allows unauthenticated attackers to trigger arbitrary shortcodes through an action that calls do_shortcode without proper ...
CVE-2024-13453 Contact Form & SMTP Plugin for WordPress by PirateForms <= 2.6.0 - Unauthenticated Arbitrary Shortcode Execution
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
WordPress Contact Form & SMTP Plugin for WordPress by PirateForms plugin <= 2.6.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin Contact Form & SMTP Plugin versions = 2.6.0...
CVE-2024-10633
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.8.0 Business, up to, and including, 21.8.0 Developer, and up to, and including, 31.8.0 Agency. This is due to the software allowing users to...
CVE-2024-10633 Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated Arbitrary Shortcode Execution via content
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.8.0 Business, up to, and including, 21.8.0 Developer, and up to, and including, 31.8.0 Agency. This is due to the software allowing users to...
CVE-2024-10633 Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated Arbitrary Shortcode Execution via content
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.8.0 Business, up to, and including, 21.8.0 Developer, and up to, and including, 31.8.0 Agency. This is due to the software allowing users to...
CVE-2024-10633
CVE-2024-10633 affects the Quiz Maker Business, Developer, and Agency WordPress plugins. The vulnerability arises from improper validation before do_shortcode, enabling unauthenticated users to execute arbitrary shortcodes. Impact is characterized as arbitrary shortcode execution with network-acc...
WordPress plugin Quiz Maker Business, Developer, and Agency 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-13495
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipressajaxgetlogs function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...
CVE-2024-13495
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipressajaxgetlogs function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...
CVE-2024-13499
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...
CVE-2024-13499
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...
CVE-2024-13499 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...
CVE-2024-13499
The WordPress plugin GamiPress – Gamification (up to 7.2.1) is vulnerable to unauthenticated arbitrary shortcode execution via gamipress_do_shortcode() because input is not properly validated before running do_shortcode. The CVE (CVE-2024-13499) is reported by multiple sources (NVD entry, Red Hat...
CVE-2024-13499 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...
CVE-2024-13495 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_ajax_get_logs Function
The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipressajaxgetlogs function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...