Day: Mayıs 16, 2022

CVE-2022-1557

The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation…

Devamını oku

CVE-2022-1553

Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the…

Devamını oku

CVE-2022-1512

The ScrollReveal.js Effects WordPress plugin through 1.2 does not sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks…

Devamını oku

CVE-2022-1436

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargo_tracking_number parameter before outputting it back in the page, which…

Devamını oku

CVE-2022-1409

The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload…

Devamını oku