Day: Mart 20, 2023

CVE-2023-0631

The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query. Zafiyet ile…

Devamını oku

CVE-2023-0630

The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query. Zafiyet ile ilgili…

Devamını oku

CVE-2023-0370

The WPB Advanced FAQ WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post…

Devamını oku

CVE-2023-0369

The GoToWP WordPress plugin through 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the…

Devamını oku

CVE-2023-0365

The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where…

Devamını oku

CVE-2023-0364

The real.Kit WordPress plugin before 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the…

Devamını oku

CVE-2023-0340

The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and…

Devamını oku

CVE-2023-0273

The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post…

Devamını oku

CVE-2023-0175

The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back…

Devamını oku

CVE-2023-0167

The GetResponse for WordPress plugin through 5.5.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where…

Devamını oku