Über dem Abgrund hängen
|

WordPress Plugins, Themes, Core – Sicherheitslücken 2022

Kalenderwoche 19

Plugins

14.05.2022 Donations <= 1.8 – Contributor+ Stored Cross-Site Scripting

13.05.2022 Files Download Delay < 1.0.7 – Subscriber+ Settings Reset

12.05.2022 WordPress Forms by Pie Forms < 1.4.9.4 – Admin+ Stored Cross-Site Scripting
12.05.2022 WP Simple Adsense Insertion < 2.1 – Inject ads and javascript via CSRF
12.05.2022 Five Minute Webshop <= 1.3.2 – Admin+ SQLi via orderby
12.05.2022 amtyThumb <= 4.2.0 – Subscriber+ SQLi
12.05.2022 Cube Slider <= 1.2 – Admin+ SQLi
12.05.2022 Five Minute Webshop <= 1.3.2 – Admin+ SQLi via id
12.05.2022 Logo Slider <= 1.4.8 – Admin+ SQLi
12.05.2022 Note Press <= 0.1.10 – Admin+ SQLi via id
12.05.2022 Note Press <= 0.1.10 – Admin+ SQLi via Update
12.05.2022 Note Press <= 0.1.10 – Admin+ SQLi via Bulk Actions
12.05.2022 CP Image Store with Slideshow < 1.0.68 – Unauthenticated SQLi
12.05.2022 Realty Workstation <= 1.0.6 – Agent SQLi

11.05.2022 Database Backup for WordPress < 2.5.2 – Arbitrary Schedule Settings Update via CSRF
11.05.2022 WP Fundraising Donation and Crowdfunding Platform <= 1.4.2 – Unauthenticated SQLi
11.05.2022 WooCommerce Green Wallet Gateway < 1.0.2 – Reflected Cross Site Scripting in checkout page

10.05.2022 WP Statistics < 13.2.2 – Reflected Cross-Site Scripting

09.05.2022 Quotes llama <= 0.7 – Admin+ Stored Cross-Site Scripting
09.05.2022 Easy FAQ with Expanding Text <= 3.2.8.3.1 – Admin+ Stored Cross-Site Scripting
09.05.2022 Call&Book Mobile Bar <= 1.2.2 – Admin+ Stored Cross Site Scripting
09.05.2022 No Future Posts <= 1.4 – Admin+ Stored Cross-Site Scripting
09.05.2022 Slideshow <= 2.3.1 – Author+ Stored Cross-Site Scripting
09.05.2022 Slideshow <= 2.3.1 – Admin+ Stored Cross-Site Scripting
09.05.2022 BannerMan <= 0.2.4 – Multiple Admin+ Stored Cross-Site Scripting
09.05.2022 IMDB info box <= 2.0 – Admin+ Stored Cross-Site Scripting
09.05.2022 Simple Real Estate Pack <= 1.4.8 – Admin+ Stored Cross Site Scripting
09.05.2022 Amazon Link <= 3.2.10 – Admin+ Stored Cross-Site Scripting
09.05.2022 HPB Dashboard <= 1.3.1 – Admin+ Stored Cross Site Scripting
09.05.2022 External Links in New Window / New Tab < 1.43 – Unauthenticated Stored Cross-Site Scripting
09.05.2022 Birthdays Widget <= 1.7.18 – Admin+ Stored Cross Site Scripting
09.05.2022 Bulk Page Creator < 1.1.4 – Arbitrary Page Creation via CSRF
09.05.2022 User Meta < 2.4.3 – Admin+ Stored Cross-Site Scripting
09.05.2022 Change wp-admin Login < 1.1.0 – Unauthenticated Arbitrary Settings Update
09.05.2022 JivoChat < 1.3.5.4 – Stored Cross-Site Scripting via CSRF
09.05.2022 External Links in New Window / New Tab < 1.43 – Tabnabbing
09.05.2022 Team Members < 5.1.1 – Admin+ Stored Cross-Site Scripting
09.05.2022 StaffList < 3.1.7 – Reflected Cross-Site Scripting
09.05.2022 Form Maker By 10Web < 1.14.12 – Admin+ Stored Cross-Site Scripting

Kommentarformular bitte nicht für Supportanfragen verwenden

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.