WordPress WP Scraper plugin <= 5.8.1 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability

Authenticated Administrator+ Server-Side Request Forgery vulnerability discovered by Valatty in WordPress Plugin TwentyFourth WP Scraper versions = 5.8.1...

WordPress TwentyFourth WP Scraper Plugin <= 0.6.5 is vulnerable to Cross Site Scripting (XSS)

Software TwentyFourth WP Scraper Type Plugin Vulnerable versions = 0.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8302abdf1de Credits Rafie Muhammad Patchstack...

WordPress TwentyFourth WP Scraper plugin <= 0.6.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress TwentyFourth WP Scraper plugin versions = 0.6.5. Solution No patched version available...

WordPress TwentyFourth WP Scraper plugin <= 0.6.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress TwentyFourth WP Scraper plugin versions = 0.6.5. Solution No patched version available...