CVE-2023-4023

The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger.Read More ...

Continue Reading

August 30, 2023

CVE-2023-3501

The FormCraft WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even ...

Continue Reading

August 30, 2023

CVE-2023-4109

The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by a HTML Injection security vulnerability.Read More ...

Continue Reading

August 30, 2023

CVE-2023-3356

The Subscribers Text Counter WordPress plugin before 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF at ...

Continue Reading

August 30, 2023

CVE-2023-4150

The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate ...

Continue Reading

August 30, 2023

CVE-2023-34032

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin Read More ...

Continue Reading

August 30, 2023

CVE-2023-34172

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin Read More ...

Continue Reading

August 30, 2023

CVE-2023-34022

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rakib Hasan Dynamic QR Code Generator plugin Read More ...

Continue Reading

August 30, 2023

1 38 39 40 41 42 3,551

Back to Main
Subscribe for the latest news: