CVE-2024-43234 WordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice woffice allows Authentication Bypass.This issue affects Woffice: from n/a through = 5.4.14...

WordPress Woffice Theme <= 5.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Woffice Type Theme Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37472 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 742e892a0fa2 Credits Rafie Muhammad Patchstack Required...