Kalenderwoche 49
Plugins
09.12.2021 WPcalc <= 2.1 – Authenticated SQL Injection
09.12.2021 Button Generator < 2.3.3 – RFI leading to RCE via CSRF
09.12.2021 Modal Window < 5.2.2 – RFI leading to RCE via CSRF
09.12.2021 WP Coder < 2.5.2 – RFI leading to RCE via CSRF
08.12.2021 PublishPress Capabilities < 2.3.1 – Unauthenticated Arbitrary Options Update to Blog Compromise
08.12.2021 RegistrationMagic < 5.0.1.6 – Admin+ SQL Injection
08.12.2021 Registration Magic < 5.0.1.8 – Authentication Bypass
07.12.2021 10Web Social Photo Feed < 1.4.29 – Reflected Cross-Site Scripting (XSS)
06.12.2021 Tab – Accordion, FAQ < 1.3.2 – Unauthenticated AJAX Calls
06.12.2021 Multivendor Marketplace Solution for WooCommerce < 3.8.4 – Reflected Cross-Site Scripting
06.12.2021 Stars Rating < 3.5.1 – Comments Denial of Service
06.12.2021 Site Reviews < 5.17.3 – Unauthenticated Stored Cross-Site Scripting
06.12.2021 WooCommerce PDF Invoices & Packing Slips < 2.10.5 – Reflected Cross-Site Scripting
06.12.2021 Chaty < 2.8.3 – Reflected Cross-Site Scripting
06.12.2021 UpdraftPlus < 1.16.66 – Reflected Cross-Site Scripting
06.12.2021 PowerPack Addons for Elementor < 2.6.2 – Reflected Cross-Site Scripting
06.12.2021 Events Made Easy < 2.2.36 – Subscriber+ SQL Injection
06.12.2021 Booking Calendar < 8.9.2 – Reflected Cross-Site Scripting
Schreibe einen Kommentar