Day: Mayıs 2, 2022

CVE-2022-1269

The Fast Flow WordPress plugin before 1.2.11 does not sanitise and escape the page parameter before outputting back in an attribute in an admin dashboard,…

Devamını oku

CVE-2022-1255

The Import and export users and customers WordPress plugin before 1.19.2.1 does not sanitise and escaped imported CSV data, which could allow high privilege users…

Devamını oku

CVE-2022-1250

The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the…

Devamını oku

CVE-2022-1046

The Visual Form Builder WordPress plugin before 3.0.7 does not sanitise and escape the form’s ‘Email to’ field , which could allow high privilege users…

Devamını oku

CVE-2022-0783

The Multiple Shipping Address Woocommerce WordPress plugin before 2.0 does not properly sanitise and escape numerous parameters before using them in SQL statements via some…

Devamını oku

CVE-2022-0773

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed,…

Devamını oku

CVE-2022-0771

The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions (available…

Devamını oku