WordPress wpDiscuz Plugin <= 7.6.15 is vulnerable to Cross Site Scripting (XSS)

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.15 Fixed in 7.6.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2477 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6802b1a6ae17 Credits Ngô Thiên An ancorn Required...

Exploit for Unrestricted Upload of File with Dangerous Type in Gvectors Wpdiscuz

CVE-2020-24186 reverse shell upload Exploit for WpDiscuz 7.0.4...

WordPress wpDiscuz Plugin <= 7.6.10 is vulnerable to Content Injection

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.10 Fixed in 7.6.11 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2023-46310 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID c4aa65661de4 Credits Revan Arifio Required privilege...

WordPress wpDiscuz Plugin < 7.6.6 is vulnerable to SQL Injection

Software wpDiscuz Type Plugin Vulnerable versions 7.6.6 Fixed in 7.6.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE N/A Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID fcbd1df4be98 Credits Unknown Required privilege Unauthenticated Published 19 September,...

WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR)

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.3 Fixed in 7.6.4 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-3869 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e19751d1d189 Credits FearZzZz Required...