Kalenderwoche 41
Plugins
13.10.2021 Testimonial Builder < 1.6.0 – Admin+ Stored Cross-Site Scripting
13.10.2021 Brizy 1.0.127 – 2.3.11 – Incorrect Authorization to Post Modification
13.10.2021 Brizy < 2.3.12 – Authenticated Stored Cross-Site Scripting
13.10.2021 Brizy < 2.3.12 – Authenticated File Upload and Path Traversal
13.10.2021 Colorful Categories < 2.0.15 – Arbitrary Colors Update via CSRF
12.10.2021 WooCommerce Products Table < 1.0.4 – Reflected Cross-Site Scripting
12.10.2021 Discounts Manager for Products < 3.4.5 – Reflected Cross-Site Scripting
11.10.2021 3D Print Lite < 1.9.1.6 – Reflected Cross-Site Scripting
11.10.2021 Multiple Plugins from Avirtum – Reflected Cross-Site Scripting
11.10.2021 404 to 301 < 3.0.9 – Logs Deletion via CSRF
11.10.2021 Post Expirator < 2.6.0 – Contributor+ Arbitrary Post Schedule Deletion
11.10.2021 Header Footer Code Manager < 1.1.14 – Admin+ SQL Injections
11.10.2021 WP Header Images < 2.0.1 – Reflected Cross-Site Scripting
11.10.2021 wpDiscuz < 7.3.4 – Arbitrary Comment Addition/Edition/Deletion via CSRF
11.10.2021 Asgaros Forum < 1.15.13 – Unauthenticated SQL Injection
11.10.2021 WP SEO Redirect 301 < 2.3.2 – Redirect Deletion via CSRF
11.10.2021 WCFM – Frontend Manager for WooCommerce < 6.5.12 – Customer/Subscriber+ SQL Injection
11.10.2021 Affiliate Manager < 2.8.7 – Admin+ SQL injection
11.10.2021 Multiple Plugins from WPPlugin – Reflected Cross-Site Scripting via page Parameter
11.10.2021 Similar Posts <= 3.1.5 – Admin+ Arbitrary PHP Code Execution
11.10.2021 Storefront Footer Text <= 1.0.1 – Admin+ Stored Cross-Site Scripting
11.10.2021 WPSchoolPress < 2.1.10 – Reflected Cross-Site Scripting
11.10.2021 WPSchoolPress < 2.1.10 – Multiple Authenticated SQL Injections
11.10.2021 YITH WooCommerce Multi Vendor < 3.8.1 – Reflected Cross-Site Scripting
11.10.2021 Print-O-Matic < 2.0.3 – Admin+ Stored Cross-Site Scripting
11.10.2021 Pie Register < 3.7.1.6 – Unauthenticated SQL Injection
11.10.2021 Pie Register < 3.7.1.6 – Unauthenticated Arbitrary Login
11.10.2021 Coupon Affiliates for WooCommerce < 4.11.3.4 – Arbitrary Referral Visits Deletion via CSRF
11.10.2021 MAZ Loader < 1.3.3 – Contributor+ SQL Injection
11.10.2021 WPSchoolPress < 2.1.17 – Multiple Admin+ Stored Cross-Site Scripting
11.10.2021 Quiz Tool Lite <= 2.3.15 – Multiple Admin+ Stored Cross-Site Scripting
11.10.2021 Qwizcards < 3.62 – Admin+ Stored Cross Site Scripting
11.10.2021 Loco Translate < 2.5.4 – Authenticated PHP Code Injection
09.10.2021 Inline Related Posts < 3.0.5 – Admin+ Cross-Site Scripting
09.10.2021 Age GAte < 2.16.4 – Authenticated Stored Cross-Site Scripting
Themes
11.10.2021 Squaretype Modern Blog < 3.0.4 – Unauthenticated Private/Schedule Posts Disclosure
Schreibe einen Kommentar