CVE-2016-10950

The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter...

WordPress Sirv plugin <= 7.5.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Sirv versions = 7.5.3...

WordPress Sirv plugin <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Option Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Sirv versions = 7.3.0...

WordPress Sirv plugin <= 7.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Sirv versions = 7.2.9...

WordPress Sirv Plugin <= 7.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Sirv Type Plugin Vulnerable versions = 7.2.9 Fixed in 7.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8964 Patch priority Low CVSS severity Low 5.9 Developer Sirv PSID c2a5a24c5a87 Credits Francesco Carlucci Required privilege Author...

WordPress Sirv plugin <= 7.2.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by scottaglia in WordPress Plugin Sirv versions = 7.2.7...

WordPress Sirv Plugin <= 7.2.7 is vulnerable to Arbitrary File Upload

Software Sirv Type Plugin Vulnerable versions = 7.2.7 Fixed in 7.2.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE N/A Patch priority Medium CVSS severity Medium 9.9 Developer Sirv PSID 9e701815e83c Credits scottaglia Required privilege Contributor Published 22 August, 2024...

WordPress Sirv Plugin <= 7.2.6 is vulnerable to Arbitrary File Upload

Software Sirv Type Plugin Vulnerable versions = 7.2.6 Fixed in 7.2.7 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-5853 Patch priority Medium CVSS severity Medium 9.9 Developer Sirv PSID b8d1b016bf81 Credits Lucio Sá Required privilege Contributor Published 18 June,...

WordPress Sirv plugin <= 7.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Sirv versions = 7.2.2...

WordPress Sirv Plugin <= 7.2.0 is vulnerable to Broken Access Control

Software Sirv Type Plugin Vulnerable versions = 7.2.0 Fixed in 7.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-27950 Patch priority Low CVSS severity Low 5.4 Developer Sirv PSID 622e8386dd23 Credits CatFather Required privilege Subscriber Published 1...

WordPress Sirv Plugin <= 7.1.2 is vulnerable to Broken Access Control

Software Sirv Type Plugin Vulnerable versions = 7.1.2 Fixed in 7.1.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-50898 Patch priority Low CVSS severity Low 5.4 Developer Sirv PSID 96bd93b7e6bb Credits Abdi Pranata Required privilege Subscriber Publishe...