WordPress JobSearch Plugin <= 2.5.9 is vulnerable to PHP Object Injection

Software JobSearch Type Plugin Vulnerable versions = 2.5.9 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-47636 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 5e0aa88de68e Credits Bonds Required privilege Unauthenticated...

WordPress Woocommerce OpenPos Plugin <= 7.0.1 is vulnerable to Broken Access Control

Software Woocommerce OpenPos Type Plugin Vulnerable versions = 7.0.1 Fixed in 7.0.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37935 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID d6898ddc425e Credits Dave Jong Patchstack...

WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4352 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 7694afbc9e58 Credits villu164 Required privilege...

WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Broken Access Control

Software Themify Ultra Type Theme Vulnerable versions = 7.3.5 Fixed in 7.3.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-46146 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID dba7a9d87836 Credits Rafie Muhammad Patchstack...