2 matches found
Facial DNA provider leaks biometric data via WordPress folder
ChiceDNA exposed 8,000 sensitive records, including biometric images, personal details, and facial DNA data in an unsecured WordPress…...
Backup and Restore <= 1.0.3 - Admin+ Arbitrary File Deletion
The plugin does not sanitise and validate the foldername parameter when deleting a report, which could allow high privilege users to delete arbitrary files on the web server, including those outside of the WordPress folder PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language:...