Lucene search

K

Wpexpertdeveloper Security Vulnerabilities

cve
cve

CVE-2021-4385

The WP Private Content Plus plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1. This is due to missing or incorrect nonce validation on the save_groups() function. This makes it possible for unauthenticated attackers to add new group members via.....

8.8CVSS

4.2AI Score

0.001EPSS

2023-07-01 04:15 AM
7
cve
cve

CVE-2019-15816

The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_...

7.5CVSS

7.6AI Score

0.001EPSS

2019-08-30 01:15 PM
39