4 matches found
PT-2025-29296 · WordPress · The Nokri – Job Board Wordpress Theme
Name of the Vulnerable Software and Affected Versions: Nokri - Job Board WordPress Theme versions prior to 1.6.4 Description: The Nokri - Job Board WordPress Theme is susceptible to privilege escalation, potentially leading to account takeover. The issue stems from insufficient validation of a...
CVE-2023-4703 All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...
Medicine Tracker System v1.0 - Sql Injection
Exploit Title: Medicine Tracker System v1.0 - Sql Injection Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-mts0.zip Version: V1.0.0 Tested on: Windows/Linux Proof of Concept: 1-...
FanFootage: NO CSRF token found on user details update
Here is the CSRF...