Posts Tagged ‘Information Disclosure’
The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report
Plugin Name: The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Key Information: Software Type: Plugin Software Slug: the-post-grid Software Status: Active Software Author: techlabpro1 Software Downloads: 2,131,603 Active Installs: 100,000 Last Updated: September 14, 2024 Patched Versions: 7.7.12 Affected Versions: <= 7.7.11 Vulnerability Details: Name: The Post Grid <= 7.7.11…
Read MoreMinimal Coming Soon Vulnerability– Coming Soon Page – Unauthenticated Maintenance Mode Bypass – CVE-2024-1075 |WordPress Plugin Vulnerability Report
Plugin Name: Minimal Coming Soon – Coming Soon Page Key Information: Software Type: Plugin Software Slug: minimal-coming-soon-maintenance-mode Software Status: Active Software Author: webfactory Software Downloads: 1,881,425 Active Installs: 100,000 Last Updated: February 8, 2024 Patched Versions: 2.38 Affected Versions: <= 2.37 Vulnerability Details: Name: Minimal Coming Soon – Coming Soon Page <= 2.37 Title: Unauthenticated…
Read MoreWordPress Plugin Vulnerability Report – Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting & Insecure Direct Object Reference to Information Disclosure – CVE-2023-6225 & CVE-2023-6226
Plugin Name: Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 17,874,399 Active Installs: 600,000 Last Updated: November 27, 2023 Patched Versions: 7.0.0 Affected Versions: <= 5.13.3 Vulnerability 1 Details: Name: WP Shortcodes Plugin — Shortcodes Ultimate <= 5.13.3 – Authenticated (Contributor+) Stored Cross-Site Scripting Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During Web…
Read MoreWordPress Plugin Vulnerabilities Report – Booster for WooCommerce – Authenticated Stored Cross-Site Scripting & Information Disclosure – CVE-2023-4945, CVE-2023-4796
Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software Downloads: 3,353,295 Active Installs: 60,000 Last Updated: September 13, 2023 Patched Versions: 7.1.1 Affected Versions: <=7.1.0 Vulnerability Details: 1. Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Type: Improper Neutralization of Input During Web Page Generation…
Read More