WordPress Community Events plugin <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'cevenuename' Parameter vulnerability discovered by Bee - FPT University in WordPress Plugin Community Events versions = 1.5.7...

WordPress Community by PeepSo plugin <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Community by PeepSo versions = 6.4.5.0...

WordPress Community Events plugin <= 1.5.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by ifoundbug in WordPress Plugin Community Events versions = 1.5.2...

Enhancing the Wordfence Bug Bounty Program: New Incentives & a Stronger Focus on High-Impact Research

Last year was a year of growth and refinement for the Wordfence Threat Intelligence team. In December of 2023, we launched our Bug Bounty Program, rewarding security researchers for identifying and reporting in-scope vulnerabilities to further our mission of Securing the Web while contributing to...

WordPress Community Yard Sale Plugin <= 1.1.11 is vulnerable to Cross Site Scripting (XSS)

Software Community Yard Sale Type Plugin Vulnerable versions = 1.1.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51846 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5dedbad88822 Credits SOPROBRO Required privilege...

WordPress Community by PeepSo plugin <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Bikram Kharal in WordPress Plugin Community by PeepSo versions = 6.4.6.1...

WordPress Community by PeepSo Plugin <= 6.4.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Community by PeepSo Type Plugin Vulnerable versions = 6.4.6.1 Fixed in 6.4.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9873 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 149b9a71dcfc Credits Bikram...

WordPress Community Events Plugin < 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Community Events Type Plugin Vulnerable versions 1.5.1 Fixed in 1.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6270 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 41e2dd4ebfb2 Credits Bob Matyas Required...

WordPress Community Events Plugin < 1.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Community Events Type Plugin Vulnerable versions 1.5 Fixed in 1.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6271 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 521f0e010f7a Credits Bob Matyas Required...

WordPress Community by PeepSo Plugin <= 6.2.7.0 is vulnerable to Sensitive Data Exposure

Software Community by PeepSo Type Plugin Vulnerable versions = 6.2.7.0 Fixed in 6.2.7.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-25923 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 13d9a4c9470c Credits...

WordPress Community by PeepSo Plugin <= 6.2.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Community by PeepSo Type Plugin Vulnerable versions = 6.2.6.0 Fixed in 6.2.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48746 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2840ecd15416 Credits Phd Required privilege...

WordPress Plugin Community by PeepSo - Social Network, Membership, Registration, User Profiles Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin Community by PeepSo - Social Network,...

WordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Sensitive Data Exposure

Software Community by PeepSo Type Plugin Vulnerable versions = 6.0.9.0 Fixed in 6.1.0.0 OWASP Top 10 A5: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-27630 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 51cd63709c31 Credits Dave Jong Patchstac...

Wordfence Launches Free Vulnerability Database For Commercial Use – And Launches Security Portal

Today we are incredibly excited to announce that Wordfence is launching an entirely free vulnerability database API and web interface, available for commercial use by hosting companies, security organizations, threat analysts, security researchers, and the WordPress user community. This is part o...

CVE-2015-3313

SQL injection vulnerability in WordPress Community Events plugin before 1.4...

WordPress Community Events Plugin 1.3.5 - SQL Injection Vulnerability

Exploit for php platform in category web applications ======================================================================= title: SQL Injection product: WordPress Community Events Plugin vulnerable version: 1.3.5 and probably below fixed version: 1.4 CVE number: CVE-2015-3313 impact: CVSS Base...

WordPress Community Events 1.3.5 SQL Injection

======================================================================= title: SQL Injection product: WordPress Community Events Plugin vulnerable version: 1.3.5 and probably below fixed version: 1.4 CVE number: CVE-2015-3313 impact: CVSS Base Score 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P homepage:...