Posts Tagged ‘web security practices’
Favicon by RealFaviconGenerator Vulnerability – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-31422 | WordPress Plugin Vulnerability Report
Plugin Name: Favicon by RealFaviconGenerator Key Information: Software Type: Plugin Software Slug: favicon-by-realfavicongenerator Software Status: Active Software Author: phbernard Software Downloads: 3,235,128 Active Installs: 300,000 Last Updated: April 24, 2024 Patched Versions: 1.3.30 Affected Versions: <= 1.3.29 Vulnerability Details: Name: Favicon <= 1.3.29 Title: Cross-Site Request Forgery to Notice Dismissal Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE: CVE-2024-31422 CVSS…
Read MoreImport any XML or CSV File to WordPress Vulnerability – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-31939 | WordPress Plugin Vulnerability Report
Plugin Name: Import any XML or CSV File to WordPress Key Information: Software Type: Plugin Software Slug: wp-all-import Software Status: Active Software Author: wpallimport Software Downloads: 3,920,346 Active Installs: 100,000 Last Updated: April 24, 2024 Patched Versions: 3.7.4 Affected Versions: <= 3.7.3 Vulnerability Details: Name: Import any XML or CSV File to WordPress <= 3.7.3…
Read MoreExclusive Addons for Elementor Vulnerability – Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2024-1234 | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 717,031 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: 2.6.9.1 Affected Versions: <= 2.6.9 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…
Read More