87 matches found
PT-2024-30305 · Wpmu Dev · Wpmu Dev Hummingbird
Name of the Vulnerable Software and Affected Versions: WPMU DEV Hummingbird versions 3.9.1 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For WPMU DEV Hummingbi...
WordPress Forminator Plugin <= 1.36.0 is vulnerable to Insecure Direct Object References (IDOR)
Software Forminator Type Plugin Vulnerable versions = 1.36.0 Fixed in 1.36.1 OWASP Top 10 A3: Injection Classification Insecure Direct Object References IDOR CVE CVE-2024-9700 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID f94c41be5520 Credits Vijaysimha Reddy vijaysimha Require...
WordPress Broken Link Checker Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)
Software Broken Link Checker Type Plugin Vulnerable versions = 2.4.0 Fixed in 2.4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8981 Patch priority Medium CVSS severity Medium 7.1 Developer WPMU DEV PSID 5ef9d4c1245b Credits vgo0 Required privile...
CVE-2024-43117
Cross-Site Request Forgery CSRF vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.9.1...
CVE-2024-43117
Cross-Site Request Forgery CSRF vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through = 3.9.1...
CVE-2024-43117
CVE-2024-43117 is a CSRF vulnerability in the WPMU DEV Hummingbird WordPress plugin, affecting Hummingbird releases up to 3.9.1. The provided documents confirm the issue and list a patched status, but there are no public details in the sources about the exact fix version or exploitation specifics...
CVE-2024-43117 WordPress Hummingbird plugin <= 3.9.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through = 3.9.1...
CVE-2024-37239
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPMU DEV Branda allows Stored XSS.This issue affects Branda: from n/a through 3.4.17...
CVE-2024-37239
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Branda branda-white-labeling.This issue affects Branda: from n/a through = 3.4.17...
CVE-2024-37239
CVE-2024-37239 is a stored XSS in Branda (WordPress Branda plugin) up to version 3.4.17. The vulnerability arises from improper input neutralization during web page generation, enabling authenticated attackers to execute scripts. The connected sources note a patch was released; remediation is to ...
WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Plugin <= 3.10.8 is vulnerable to Full Path Disclosure (FPD)
Software SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Type Plugin Vulnerable versions = 3.10.8 Fixed in 3.10.9 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6556 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID...
WordPress Defender Security Plugin <= 3.3.2 is vulnerable to Broken Authentication
Software Defender Security Type Plugin Vulnerable versions = 3.3.2 Fixed in 3.3.3 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2022-44581 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e5d5684810f0 Credits Snicco Required privilege...
CVE-2024-32792
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through = 3.7.3...
CVE-2024-32792
Missing Authorization vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.7.3...
CVE-2024-32792
CVE-2024-32792: Missing Authorization in WordPress WPMU DEV Hummingbird plugin (
PT-2024-24865 · Wpmu Dev · Wpmu Dev Hummingbird
Name of the Vulnerable Software and Affected Versions: WPMU DEV Hummingbird versions 3.7.3 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPMU DEV Hummingbird. Recommendations: For WPMU DEV Hummingbird versions 3.7.3 and earlier, update to a version late...
CVE-2023-51542
Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14...
CVE-2023-51542 WordPress Branda plugin <= 3.4.14 - IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14...
CVE-2023-51542 WordPress Branda plugin <= 3.4.14 - IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14...
CVE-2023-47189 WordPress Defender Security plugin <= 4.2.0 - Masked Login Area View Bypass vulnerability
Improper Authentication vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.2.0...