CVE-2024-0975

CVE-2024-0975 affects the WordPress Access Control plugin for WordPress. The vulnerability allows Sensitive Information Exposure via REST API in all versions up to and including 4.0.13, enabling unauthenticated attackers to bypass the plugin’s “Make Website Members Only” setting (when unset) and ...

CVE-2022-2367

The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...

Design/Logic Flaw

The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...