WordPress Oxygen Builder Plugin <= 4.8.3 is vulnerable to Broken Access Control

Software Oxygen Builder Type Plugin Vulnerable versions = 4.8.3 Fixed in 4.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6688 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 05a98a111db4 Credits Francesco Carlucci Required...

WordPress Oxygen Builder Plugin <= 4.9 is vulnerable to Remote Code Execution (RCE)

Software Oxygen Builder Type Plugin Vulnerable versions = 4.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-31380 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 4b3933c6a6e8 Credits Snicco Required privilege Contributo...

WordPress Oxygen Builder Plugin <= 4.8 is vulnerable to Cross Site Scripting (XSS)

Software Oxygen Builder Type Plugin Vulnerable versions = 4.8 Fixed in 4.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6938 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5b6e074aaeac Credits Francesco Carlucci Required...