876 matches found
WordPress Paid Membership Subscriptions plugin <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Paid Member Subscriptions versions = 2.13.0...
WordPress WOOCS – WooCommerce Currency Switcher plugin <= 1.4.2.2 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin FOX versions = 1.4.2.2...
PT-2024-16694 · WordPress · Inpost Gallery
Name of the Vulnerable Software and Affected Versions: InPost Gallery plugin for WordPress versions up to, and including, 2.1.4.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to execute arbitrary shortcodes due to the software not properly validatin...
WordPress plugin InPost Gallery 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
WordPress InPost Gallery plugin <= 2.1.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via inpost_gallery_get_shortcode_template vulnerability
Authenticated Subscriber+ Arbitrary Shortcode Execution via inpostgallerygetshortcodetemplate vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin InPost Gallery versions = 2.1.4.2...
CVE-2024-11034
The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation plugin for WordPress is vulnerable to arbitrary shortcode execution via firecontactform AJAX action in all versions up to, and including, 1.4. This is due to the software...
CVE-2024-11034 Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form
The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation plugin for WordPress is vulnerable to arbitrary shortcode execution via firecontactform AJAX action in all versions up to, and including, 1.4. This is due to the software...
CVE-2024-11034 Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form
The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation plugin for WordPress is vulnerable to arbitrary shortcode execution via firecontactform AJAX action in all versions up to, and including, 1.4. This is due to the software...
CVE-2024-11034
The CVE-2024-11034 entry concerns the WordPress plugin “Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation.” Connected sources confirm that all versions up to and including 1.4 are vulnerable to arbitrary shortcode execution via the...
WordPress Request a Quote for WooCommerce and Elementor plugin <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form vulnerability
Unauthenticated Arbitrary Shortcode Execution via firecontactform vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Request a Quote for WooCommerce and Elementor versions = 1.4...
PT-2024-16719 · WordPress · Request A Quote For Woocommerce/Elementor – Get A Quote Button – Product Enquiry Form Popup – Product Quotation
Name of the Vulnerable Software and Affected Versions: The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation plugin for WordPress versions up to, and including, 1.4 Description: The issue allows arbitrary shortcode execution via th...
CVE-2024-10899
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...
CVE-2024-10899
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...
CVE-2024-10899 WooCommerce Product Table Lite <= 3.8.6 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...
CVE-2024-10899
CVE-2024-10899 affects WordPress plugin WooCommerce Product Table Lite up to version 3.8.6. It allows unauthenticated attackers to execute arbitrary shortcodes due to unvalidated input before do_shortcode, and the same id parameter is vulnerable to Reflected XSS. The remediation is to upgrade to ...
CVE-2024-10899 WooCommerce Product Table Lite <= 3.8.6 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...
WordPress plugin WooCommerce Product Table Lite 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
WordPress WooCommerce Product Table Lite plugin <= 3.8.6 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting vulnerability
Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin WooCommerce Product Table Lite versions = 3.8.6...
CVE-2024-11038
The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpbpcffirecontactform AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to...
CVE-2024-11038
The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpbpcffirecontactform AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to...