Day: Eylül 6, 2022

CVE-2022-2695

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘caption’ parameter added to images via the media…

Devamını oku

CVE-2022-2633

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and blind server-side request forgery via the ‘dl’ parameter found in the…

Devamını oku

CVE-2022-2542

The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is…

Devamını oku

CVE-2022-2541

The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is…

Devamını oku

CVE-2022-2540

The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is…

Devamını oku

CVE-2022-2518

The Stockists Manager for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2.1. This is due to…

Devamını oku

CVE-2022-2517

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Caption – On Hover’ value associated with images…

Devamını oku

CVE-2022-2516

The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post/page ‘Title’ value in versions up to, and including,…

Devamını oku

CVE-2022-2515

The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `pro_version_activation_code` parameter in versions up to, and including, 2.11.0 due to…

Devamını oku

CVE-2022-2473

The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘templates[browsingpage][text]’ parameter in versions up to, and including, 2.87.6 due to insufficient…

Devamını oku