87 matches found
CVE-2024-25595
Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1...
CVE-2022-44581
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...
CVE-2022-44581 WordPress Defender Security plugin <= 3.3.2 - Broken Authentication vulnerability
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...
PT-2024-21025 · Wpmu Dev · Wpmu Dev Defender Security
Name of the Vulnerable Software and Affected Versions: WPMU DEV Defender Security versions through 4.4.1 Description: The issue is related to an Authentication Bypass by Spoofing, allowing functionality bypass. Recommendations: For versions through 4.4.1, update to a version later than 4.4.1 to...
PT-2024-11680 · Wpmu Dev · Wpmu Dev Defender Security
Name of the Vulnerable Software and Affected Versions: WPMU DEV Defender Security versions n/a through 3.3.2 Description: The issue affects the storage of sensitive information, allowing access to screen temporary files that may contain sensitive data. This is a result of insecure storage practic...
WordPress Hummingbird Plugin <= 3.7.3 is vulnerable to Broken Access Control
Software Hummingbird Type Plugin Vulnerable versions = 3.7.3 Fixed in 3.7.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32792 Patch priority Low CVSS severity Low 4.3 Developer WPMU DEV PSID 9b701eb20e44 Credits Peng Zhou Required privilege...
CVE-2024-29777
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator.This issue affects Forminator: from n/a through = 1.29.0...
CVE-2024-29777
CVE-2024-29777 is a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Forminator (WPMU DEV) up to version 1.29.0. The issue arises from improper input neutralization during web page generation. Affected: Forminator
PT-2024-23019 · Wpmu Dev · Wpmu Dev Forminator
Name of the Vulnerable Software and Affected Versions: WPMU DEV Forminator versions 1.29.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...
WordPress Forminator Plugin <= 1.29.0 is vulnerable to Cross Site Scripting (XSS)
Software Forminator Type Plugin Vulnerable versions = 1.29.0 Fixed in 1.29.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29777 Patch priority Medium CVSS severity Medium 7.1 Developer WPMU DEV PSID 4c3587917921 Credits Rafie Muhammad Patchstack Required privile...
CVE-2024-25592
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV Broken Link Checker allows Stored XSS.This issue affects Broken Link Checker: from n/a through 2.2.3...
CVE-2024-25592
CVE-2024-25592 affects WordPress Broken Link Checker plugin (versions through 2.2.3). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored XSS vulnerability on sites using Broken Link Checker up to 2.2.3; CVSS base metrics in listed sources ...
CVE-2023-51490
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...
Code injection
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...
CVE-2023-51490
CVE-2023-51490 affects the WordPress Defender Security plugin by WPMU DEV, impacting Defender Security – Malware Scanner, Login Security & Firewall up to version 4.1.0. Root cause: Exposure of sensitive information to an unauthorized actor. The CVE is marked as patched in the sources. Remediation...
CVE-2023-51490 WordPress Defender Security Plugin <= 4.1.0 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...
WordPress Branda Plugin <= 3.4.14 is vulnerable to Bypass Vulnerability
Software Branda Type Plugin Vulnerable versions = 3.4.14 Fixed in 3.4.15 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-51542 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 6298c3f8ebb2 Credits Brandon Roldan Required privilege...
WordPress Forminator Plugin <= 1.27.0 is vulnerable to Arbitrary File Upload
Software Forminator Type Plugin Vulnerable versions = 1.27.0 Fixed in 1.28.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6133 Patch priority Low CVSS severity Low 6.6 Developer WPMU DEV PSID e543496c8db2 Credits István Márton Required privilege Administrator...
WordPress Defender Security Plugin <= 4.2.0 is vulnerable to Bypass Vulnerability
Software Defender Security Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-47189 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 9d721f7eb609 Credits Naveen Muthusamy Required...
WordPress Defender Security Plugin < 4.1.0 is vulnerable to Bypass Vulnerability
Software Defender Security Type Plugin Vulnerable versions 4.1.0 Fixed in 4.1.0 OWASP Top 10 A1: Broken Access Control Classification Bypass Vulnerability CVE CVE-2023-5089 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e45ed857552b Credits Juan Pablo Gomez Postigo Required...