| | |

WordPress Plugins, Themes, Core – Sicherheitslücken 2021

fotografiert von Gabriele Lässer
801 7214

Kalenderwoche 44

Plugins

03.11.2021 WP Google Fonts < 3.1.5 – Reflected Cross-Site Scripting
03.11.2021 Event Manager for WooCommerce < 3.5.3 – Unauthenticated Arbitrary Elementor Template Import
03.11.2021 Event Manager for WooCommerce < 3.5.3 – Unauthenticated Arbitrary Options Reset
03.11.2021 Email Tracker < 5.2.6 – Reflected Cross-Site Scripting
03.11.2021 Hotel Listing < 1.3.3 – Authenticated Stored Cross-Site Scripting

02.11.2021 ARForms Form Builder < 1.5 – Admin+ Stored Cross Site Scripting
02.11.2021 WP DSGVO Tools (GDPR) < 3.1.24 – Unauthenticated Arbitrary Post Deletion
02.11.2021 WP All Import < 3.6.3 – Admin+ Stored Cross-Site Scripting
02.11.2021 WPS Hide Login < 1.9.1 – Protection Bypass with Referer-Header

01.11.2021 Contest Gallery < 13.1.0.7 – Subscriber+ Email Address Disclosure
01.11.2021 Contest Gallery < 13.1.0.6 – Missing Access Controls to Unauthenticated SQL injection / Email Address Disclosure
01.11.2021 Check & Log Email < 1.0.4 – Reflected Cross-Site Scripting
01.11.2021 BSK PDF Manager < 3.1.2 – Admin+ SQL Injection
01.11.2021 Stylish Cost Calculator < 7.04 – Subscriber+ Unauthorised AJAX Calls to Stored XSS
01.11.2021 Shop Page WP < 1.2.8 – Admin+ Stored Cross-Site Scripting
01.11.2021 Ibtana – Ecommerce Product Addons < 0.2.4 – Reflected Cross-Site Scripting
01.11.2021 WP RSS Aggregator < 4.19.2 – Admin+ Stored Cross-Site Scripting
01.11.2021 GenerateBlocks < 1.4.0 – Contributor+ Stored Cross-Site Scripting
01.11.2021 Email Before Download < 6.8 – Admin+ SQL Injection
01.11.2021 myCred < 2.3 – Subscriber+ SQL Injection
01.11.2021 Google Maps Easy < 1.10.1 – Admin+ Stored Cross-Site Scripting
01.11.2021 My Calendar < 3.2.18 – Subscriber+ Reflected Cross-Site Scripting

Kommentarformular bitte nicht für Supportanfragen verwenden

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.