The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the âsearch_termâ parameter in versions up to, and including, 1.2.16 due to insuf ...
Continue Reading
June 09, 2023
The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_delete_pro ...
Continue Reading
June 09, 2023
The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the get function in versions up to, and including, 4.0.6. This makes i ...
Continue Reading
June 09, 2023
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_public' function in versions up to, and inc ...
Continue Reading
June 09, 2023
The WPCS â WordPress Currency Switcher Professional plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcs_current_currency shortcode in versions up to, and inclu ...
Continue Reading
June 09, 2023
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient inp ...
Continue Reading
June 09, 2023
The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the save function in versions up to, and including, 4.0.6. This makes ...
Continue Reading
June 09, 2023
The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templates function in versions up to, and including, 4.0.6. This m ...
Continue Reading
June 09, 2023
Back to Main
