3 matches found
WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting
WordPress iQ Block Country plugin 1.2.11 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and...
WordPress iQ Block Country plugin <= 1.2.12 - Arbitrary File Deletion vulnerability via Zip Slip
Arbitrary File Deletion vulnerability via Zip Slip discovered by Ceylan Bozogullarindan in WordPress iQ Block Country plugin versions = 1.2.12. Solution Update WordPress iQ Block Country plugin to the latest available version at least 1.2.13...
WordPress iQ Block Country plugin <= 1.2.11 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack Red Team in WordPress iQ Block Country plugin versions = 1.2.11. Vulnerable parameter: &blockcountryblockmessage. Solution Update the WordPress iQ Block Country plugin to the latest available versi...