This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
The BEAR plugin for WordPress has a security issue in versions 1.1.4.4 and below. This allows hackers who have administrator access to add harmful code to pages, which will run whenever a user visits...
Read MoreA plugin called "BEAR" for WordPress has a security issue where hackers can inject harmful code into web pages. This can happen if a user clicks on a suspicious link.
Read MoreMany add-ons for WordPress have a security flaw called Cross-Site Request Forgery. This happens when the website doesn't properly check for a special code to make sure the user is authorized. This ca...
Read MoreThe BEAR plugin for WordPress has a security issue that allows unauthorized individuals to change data. This is because the woobe_update_page_field() function in versions 1.1.4.3 and below does not h...
Read MoreThe BEAR plugin for WordPress has a security issue that allows unauthorized users to access it. This is because the plugin does not have proper checks in place for certain functions in the /ext/histo...
Read MoreThe BEAR plugin for WordPress, which helps manage products for online stores, has a security vulnerability that allows hackers to inject harmful code into web pages. This can only happen on multi-sit...
Read MoreThe BEAR plugin for WordPress has a security vulnerability in versions 1.1.3.3 and earlier. An attacker with even the lowest level of authentication (such as a "subscriber") can use a specific functi...
Read MoreThe BEAR plugin for WordPress is not secure in versions up to, and including, 1.1.3.3. Attackers who have not been authorized can delete profiles by sending a fake request, as long as they can get an...
Read MoreThe BEAR WordPress plugin is vulnerable to Cross-Site Request Forgery in versions 1.1.3.3 and earlier. This means that unauthenticated attackers can delete products by tricking a site administrator i...
Read MoreThe BEAR plugin for WordPress is not secure in versions up to and including 1.1.3.3. This is because the plugin does not have a capability check on its woobe_bulkoperations_swap function. This means ...
Read MoreThe BEAR plugin for WordPress has a security vulnerability in versions up to and including 1.1.3.3. This vulnerability means that if someone with subscriber access or higher is authenticated, they ca...
Read MoreThe WordPress plugin "BEAR" has a security vulnerability in versions up to 1.1.3.3. This means that it is possible for someone without permission to delete products on a website if they can get an ad...
Read MoreThe BEAR for WordPress plugin is vulnerable to security issues in versions 1.1.3.3 and below. An unauthenticated attacker may be able to trick a site administrator into clicking a malicious link whic...
Read MoreThe BEAR for WordPress is a plugin that has a security vulnerability in versions up to and including 1.1.3.3. This means that an attacker who is not logged in can make changes to the plugin's setting...
Read MoreThe BEAR plugin for WordPress has a security issue in versions up to 1.1.3.3. This issue is caused by either missing or incorrect validation of a certain type of security code called a nonce, on the ...
Read MoreThe BEAR WordPress plugin is not secure in versions up to and including 1.1.3.3. A flaw in the nonce validation of the woobe_bulkoperations_swap function makes it possible for unauthorised users to m...
Read MoreThe BEAR WordPress plugin is vulnerable to an issue called Missing Authorization. This means any user with an account (even a basic one) can make changes to the products. This issue affects versions ...
Read MoreThe BEAR plugin for WordPress is not secure in versions up to 1.1.3.3. This means that an unauthenticated attacker could take advantage of a vulnerability in the plugin and cause the administrator to...
Read MoreThe BEAR plugin for WordPress is vulnerable to a security issue called Cross-Site Request Forgery. This affects versions up to, and including, 1.1.3.1. The issue is due to the lack of proper validati...
Read More