CVE-2022-3131
The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a…
Devamını oku
Day: Ekim 17, 2022
CVE-2022-3126
The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in…
CVE-2022-3082
The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users,…
CVE-2022-2834
The Helpful WordPress plugin before 4.5.26 puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow attackers to…
CVE-2022-2574
The Meks Easy Social Share WordPress plugin before 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2022-2563
The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored…
CVE-2022-3281
WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot.…
CVE-2022-2052
Multiple Trumpf Products in multiple versions use default privileged Windows users and passwords. An adversary may use these accounts to remotely gain full access to…
[webapps] WordPress Plugin ImageMagick-Engine 1.7.4 – Remote Code Execution (RCE) (Authenticated)
Wordpress Plugin ImageMagick-Engine 1.7.4 – Remote Code Execution (RCE) (Authenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed