4 matches found
WordPress WP Users Exporter plugin <= 1.4.2 - CSV Injection vulnerability
CSV Injection vulnerability discovered by Zhouyuan Yang in WordPress WP Users Exporter plugin versions = 1.4.2. Solution Deactivate and delete. This plugin has been closed as of January 8, 2020 and is not available for download. Reason: Security Issue...
WordPress Beaver Builder plugin <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Image URL
Authenticated Stored Cross-Site Scripting XSS vulnerability via Image URL discovered by Zhouyuan Yang in WordPress Beaver Builder plugin versions = 2.5.5.2. Solution Update the WordPress Beaver Builder plugin to the latest available version at least 2.5.5.3...
WordPress Visual Composer Website Builder plugin <= 45.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Title
Authenticated Stored Cross-Site Scripting XSS vulnerability via Title discovered by Zhouyuan Yang in WordPress Visual Composer Website Builder plugin versions = 45.0. Solution Update the WordPress Visual Composer Website Builder plugin to the latest available version at least 45.0.1...
WordPress Beaver Builder plugin <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Text Editor
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Zhouyuan Yang in WordPress Beaver Builder plugin versions = 2.5.5.2. Solution Update the WordPress Beaver Builder plugin to the latest available version at least 2.5.5.3...