Archives: Vulnerabilities
Access violation vulnerability in WP Coupons and Deals – Click to Copy Coupons 3.2.4
The Coupons and Deals plugin for WordPress has a security issue that allows unauthorized access. This means that people who are logged in with a subscriber account or higher can do things they shouldn’t be able to do.
Input validation vulnerability in Plugin Organizer 10.2.3
The Plugin Organizer plugin for WordPress is at risk for a type of cyber attack called SQL Injection. This is because the plugin does not properly protect against malicious code that could be added to a user input, and the existing code is not properly prepared for this type of attack. As a result, hackers with a certain level of access could potentially add their own code to existing code, allowing them to access sensitive information from the website’s database.
Authentication vulnerability in Mobile builder 1.4.2
The software used to create mobile websites on WordPress is not secure and can be accessed without proper login credentials. This puts websites using the plugin at risk for unauthorized access.
Input validation vulnerability in Cinerama – A WordPress Theme for Movie Studios and Filmmakers 2.4
The Cinerama theme for WordPress, designed for movie studios and filmmakers, has a security vulnerability in versions 2.4 and below. This means that someone with contributor-level access or higher can add and run any files on the server, even if they contain PHP code. This can lead to unauthorized access, exposure of private information, or the ability to run code.
Access violation vulnerability in Knowband Mobile App Builder 2.0.8
The Knowband Mobile App Builder plugin for WordPress has a security issue that could result in data being lost without permission. This happens because the plugin does not have a way to verify the user’s authorization before deleting someone’s account. This means that hackers who are not logged in could delete any user they want.