Kalenderwoche 43
Plugins
29.10.2021 NextScripts: Social Networks Auto-Poster < 4.3.21 – Reflected Cross-Site Scripting
29.10.2021 Smash Balloon Social Post Feed < 4.0.1 – Subscriber+ Arbitrary Plugin Settings Update to Stored XSS
28.10.2021 URL Shortify < 1.5.1 – Arbitrary Link/Group Deletion via CSRF
28.10.2021 Contact Form by Supsystic <= 1.7.18 – Admin+ Stored Cross-Site Scripting
27.10.2021 Registrations for The Events Calendar < 2.7.5 – Reflected Cross-Site Scripting
27.10.2021 OptinMonster < 2.6.5 – Unprotected REST-API Endpoints
27.10.2021 Mang Board WP < 1.6.9 – SQL Injection
26.10.2021 About Author Box < 1.0.2 – Contributor+ Stored Cross-Site Scripting
26.10.2021 Bulk Datetime Change < 1.12 – Missing Authorisation
26.10.2021 Ninja Forms < 3.6.4 – Admin+ SQL Injection
26.10.2021 HashThemes Demo Importer < 1.1.2 – Improper Access Control to Blog Reset
26.10.2021 Media-Tags <= 3.2.0.2 – Admin+ Stored Cross-Site Scripting
26.10.2021 Popup Anything < 2.0.4 – Contributor+ Stored Cross-Site Scripting
25.10.2021 Reviews Plus < 1.2.14 – Subscriber+ Reviews DoS
25.10.2021 Slideshow Gallery < 1.7.4 – Admin+ Stored Cross-Site Scripting
25.10.2021 MainWP Child < 4.1.8 – Admin+ SQL Injection
25.10.2021 eCommerce Product Catalog for WordPress < 3.0.39 – Reflected Cross-Site Scripting
25.10.2021 Falang multilanguage for WordPress < 1.3.18 – Reflected Cross-Site Scripting
25.10.2021 Video Lessons Manager – Admin+ Stored Cross-Site Scripting
25.10.2021 WP Spell Check < 9.3 – Reflected Cross-Site Scripting
25.10.2021 Ecommerce – Two Factor Authentication < 1.0.5 – Reflected Cross-Site Scripting
25.10.2021 MAZ Loader <= 1.3.4 – Arbitrary Loader Deletion via CSRF
25.10.2021 Age Gate < 2.17.1 – Unauthenticated Import Settings
25.10.2021 Duplicate Post < 1.2.0 – Authenticated SQL Injection
25.10.2021 Notification < 8.0.0 – Admin+ Stored Cross-Site Scripting
Schreibe einen Kommentar