2 matches found
PT-2026-45699
Name of the Vulnerable Software and Affected Versions rognone versions prior to 0.6.3 Description The rognone plugin for WordPress is subject to Reflected Cross-Site Scripting, a flaw where an application includes untrusted data in a web page without proper validation or escaping. This occurs due...
PT-2023-27196 · WordPress · The Waiting
Name of the Vulnerable Software and Affected Versions: The Waiting: One-click countdowns plugin for WordPress versions up to, and including, 0.6.2 Description: The issue is related to authorization bypass due to missing capability checks on AJAX calls. This allows authenticated attackers with...