46702 matches found
WordPress Morning Records theme <= 1.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Morning Records versions = 1.2...
WordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme m2 | Construction and Tools Store versions = 1.1.2...
WordPress Tripgo theme < 1.5.6 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Tripgo versions 1.5.6...
WordPress Triompher theme <= 1.1.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Triompher versions = 1.1.0...
WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gioia versions = 1.4...
WordPress Dentalux theme <= 3.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dentalux versions = 3.3...
WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme ProLingua versions = 1.1.12...
WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nelson versions = 1.2.0...
WordPress Mr. Cobbler theme <= 1.1.9 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Mr. Cobbler versions = 1.1.9...
WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Lella versions = 1.2...
WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Laurent versions = 3.1...
WordPress Hypnotherapy theme <= 1.2.10 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hypnotherapy versions = 1.2.10...
WordPress Greenville theme <= 1.3.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Greenville versions = 1.3.2...
WordPress Good Homes theme <= 1.3.13 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Good Homes versions = 1.3.13...
WordPress Gaspard theme <= 1.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gaspard versions = 1.3...
WordPress My auctions allegro plugin <= 3.6.35 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin My auctions allegro versions = 3.6.35...
WordPress My Album Gallery plugin <= 1.0.4 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by Jitlada in WordPress Plugin My Album Gallery versions = 1.0.4...
WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Lisfinity Core versions = 1.5.0...
WordPress WPSubscription plugin <= 1.8.10 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Jitlada in WordPress Plugin WPSubscription versions = 1.8.10...
WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Mrreee in WordPress Plugin Product Feed for WooCommerce versions = 2.3.3...
WordPress Bus Ticket Booking with Seat Reservation plugin <= 5.6.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Bus Ticket Booking with Seat Reservation versions = 5.6.0...
WordPress LatePoint plugin <= 5.2.7 - Authenticated (Agent+) Privilege Escalation vulnerability
Authenticated Agent+ Privilege Escalation vulnerability discovered by Nguyen Ba Hung bashu - KCSC in WordPress Plugin LatePoint versions = 5.2.7...
WordPress Fluent Forms Pro plugin <= 6.1.17 - Unauthenticated Stored Cross-Site Scripting via Draft Form Submission vulnerability
Unauthenticated Stored Cross-Site Scripting via Draft Form Submission vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...
WordPress WPBookit plugin <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters vulnerability
Unauthenticated Stored Cross-Site Scripting via 'wpbusername' and 'wpbuseremail' Parameters vulnerability discovered by MD. TAREQ AHAMED JONY itztrq - Knight Squad in WordPress Plugin WPBookit versions = 1.0.8...
WordPress Product Feed PRO for WooCommerce plugin <= 13.5.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Product Feed PRO for WooCommerce versions = 13.5.2...
WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability
Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...
WordPress Mail Mint plugin < 1.19.5 - Unauthenticated Emails Disclosure vulnerability
Unauthenticated Emails Disclosure vulnerability discovered by yiÄŸit ibrahim saÄŸlam in WordPress Plugin Mail Mint versions 1.19.5...
WordPress Membership plugin - Restrict Content plugin <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level' vulnerability
WordPress Membership plugin - Restrict Content plugin = 3.2.20 - Unauthenticated Privilege Escalation via 'rcplevel' vulnerability discovered by shark3y in WordPress Plugin Restrict Content versions = 3.2.20...
WordPress Page and Post Clone plugin <= 6.3 - Authenticated (Contributor+) SQL Injection via 'meta_key' Parameter vulnerability
Authenticated Contributor+ SQL Injection via 'metakey' Parameter vulnerability discovered by Arthur GRIMAULT in WordPress Plugin Page and Post Clone versions = 6.3...
WordPress Media Library Assistant plugin <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Attachment Taxonomy Modification vulnerability discovered by Muhammad Sharief in WordPress Plugin Media LIbrary Assistant versions = 3.33...
WordPress Apocalypse Meow plugin <= 22.1.0 - Authenticated (Administrator+) SQL Injection via 'type' Parameter vulnerability
Authenticated Administrator+ SQL Injection via 'type' Parameter vulnerability discovered by Louis Deschanel - Patrowl in WordPress Plugin Apocalypse Meow versions = 22.1.0...
WordPress OoohBoi Steroids for Elementor plugin <= 2.1.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple URL Controls vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple URL Controls vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin OoohBoi Steroids for Elementor versions = 2.1.24...
WordPress My Calendar - Accessible Event Manager plugin <= 3.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
WordPress My Calendar - Accessible Event Manager plugin = 3.7.3 - Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin My Calendar versions = 3.7.3...
WordPress Seraphinite Accelerator plugin <= 2.28.14 - Authenticated (Subscriber+) Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Authenticated Subscriber+ Exposure of Sensitive Information to an Unauthorized Actor vulnerability discovered by lucsob in WordPress Plugin Seraphinite Accelerator versions = 2.28.14...
WordPress Seraphinite Accelerator plugin <= 2.28.14 - Missing Authorization to Authenticated (Subscriber+) Log Clearing vulnerability
Missing Authorization to Authenticated Subscriber+ Log Clearing vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Seraphinite Accelerator versions = 2.28.14...
WordPress ionCube tester plus plugin <= 1.3 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin ionCube tester plus versions = 1.3...
WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin Easy Post Submission versions = 2.4.0...
WordPress Mounthood theme <= 1.3.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Mounthood versions = 1.3.2...
WordPress Jardi theme <= 1.7.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Jardi versions = 1.7.2...
WordPress Estate theme <= 1.3.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Estate versions = 1.3.4...
WordPress Equestrian Centre theme <= 1.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Equestrian Centre versions = 1.5...
WordPress Dental Clinic theme <= 3.7 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dental Clinic versions = 3.7...
WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization of untrusted data vulnerability
WordPress ColorFolio - Freelance Designer WordPress Theme theme = 1.3 - Deserialization of untrusted data vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme ColorFolio - Freelance Designer WordPress Theme versions = 1.3...
WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Etchy versions = 1.0...
WordPress FindAll theme <= 1.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme FindAll versions = 1.4...
WordPress Felizia theme <= 1.3.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Felizia versions = 1.3.4...
WordPress CasaMia | Property Rental Real Estate WordPress Theme theme <= 1.1.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme CasaMia | Property Rental Real Estate WordPress Theme versions = 1.1.2...
WordPress Au Pair Agency - Babysitting & Nanny Theme theme <= 1.2.2 - Deserialization of untrusted data vulnerability
WordPress Au Pair Agency - Babysitting & Nanny Theme theme = 1.2.2 - Deserialization of untrusted data vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Au Pair Agency - Babysitting & Nanny Theme versions = 1.2.2...
WordPress AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme theme <= 1.2.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme versions = 1.2.5...
WordPress Amelia plugin <= 1.2.38 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Amelia versions = 1.2.38...