7 matches found
WordPress Super Progressive Web Apps plugin <= 2.1.12 - Authenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)
Authenticated Arbitrary File Upload vulnerability leading to Remote Code Execution RCE discovered by WPScan Team in WordPress Super Progressive Web Apps plugin versions = 2.1.12. Solution Update the WordPress Super Progressive Web Apps plugin to the latest available version at least 2.1.13...
WordPress CM Registration Pro premium plugin <= 3.2.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by WPScan Team in WordPress CM Registration Pro premium plugin versions = 3.2.0. Solution Update the WordPress CM Registration Pro premium plugin to the latest available version at least 3.2.1...
WordPress UltimateWoo plugin <= 0.1.10 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by WPScan Team in WordPress UltimateWoo plugin versions = 0.1.10. Solution This plugin has been closed and is no longer available for download...
WordPress Easy Form Builder plugin <= 1.0 - Unauthorized AJAX Calls vulnerability
Unauthorized AJAX Calls vulnerability discovered by WPScan Team in WordPress Easy Form Builder plugin versions = 1.0. Solution Plugin closed. Deactivate and delete...
WordPress Portfolio Gallery – Image Gallery plugin <= 1.1.2 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by WPScan Team in WordPress Portfolio Gallery – Image Gallery plugin versions = 1.1.2. Solution Update the WordPress Portfolio Gallery – Image Gallery plugin to the latest available version at least 1.1.3...
Support Board - Chat And Help Desk | Support & Chat <= 1.2.8 Stored XSS
Info: Weak security measures like bad textarea data filtering has been discovered in the «Support Board - Chat And Help Desk | Support & Chat». Demo Website: https://codecanyon.net/item/support-board-chat-and-help-desk/20752085 Backend: https://board.support/desk-demo/?login=true Login / Password...
WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection
WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection Title: WordPress SEO by Yoast = 1.7.3.3 - Blind SQL Injection Version/s Tested: 1.7.3.3 Patched Version: 1.7.4 CVSSv2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2 Temporal Score: 7...