WordPress EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder plugin <= 2.5.7 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin EazyDocs versions = 2.5.7...

WordPress EazyDocs plugin <= 2.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin EazyDocs versions = 2.7.1...

CVE-2023-47648 WordPress EazyDocs plugin <= 2.3.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through = 2.3.5...

CVE-2024-54376 WordPress EazyDocs plugin <= 2.8.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Spider Themes EazyDocs eazydocs allows PHP Local File Inclusion.This issue affects EazyDocs: from n/a through = 2.8.0...

WordPress EazyDocs plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin EazyDocs versions = 2.5.0...

WordPress EazyDocs Plugin <= 2.5.0 is vulnerable to Broken Access Control

Software EazyDocs Type Plugin Vulnerable versions = 2.5.0 Fixed in 2.5.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38721 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5440501869f Credits Khalid Yusuf Required privileg...

WordPress EazyDocs Plugin < 2.3.4 is vulnerable to SQL Injection

Software EazyDocs Type Plugin Vulnerable versions 2.3.4 Fixed in 2.3.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-6035 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 6ad682fb44ae Credits Dao Xuan Hieu Required privilege Subscriber Published 19...

WordPress EazyDocs Plugin <= 2.3.5 is vulnerable to Cross Site Scripting (XSS)

Software EazyDocs Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47549 Patch priority High CVSS severity High 6.8 Developer Claim ownership PSID 1e8fa9f4a641 Credits minhtuanact Required privile...

WordPress EazyDocs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software EazyDocs Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6b527c9fb24 Credits Rafie Muhammad Patchstack Required...