Archives: Vulnerabilities
Input validation vulnerability in AI Feeds 1.0.11
The AI Feeds plugin for WordPress has a security issue that allows anyone to upload files without permission. This can be exploited by hackers to access and change files on the website’s server, potentially allowing them to run malicious code.
Input validation vulnerability in I Order Terms 1.5.0
A popular plugin for WordPress called “I Order Terms” has a security vulnerability that affects all versions up to 1.5.0. This means that anyone can potentially perform an unauthorized action on a website without being authenticated, as long as they can trick the site administrator into clicking on a link.
Access violation vulnerability in Better Chat Support for Messenger 1.2.18
The Better Chat Support for Messenger plugin for WordPress has a security issue that allows unauthorized access. This means that anyone who is not authorized can potentially access the plugin and perform actions without permission.
Access violation vulnerability in Accessibility Tool Kit: WP Accessibility Plugin for WCAG, Section 508, ADA, EAA Compliance 2.0.4
The WP Accessibility Plugin for WordPress, which helps websites comply with accessibility standards such as WCAG, Section 508, ADA, and EAA, has a security vulnerability. This means that people who are not supposed to have access may be able to gain access to certain features. This could potentially be done by someone with at least Subscriber-level access.
Input validation vulnerability in CIBELES AI 1.10.8
The CIBELES AI plugin for WordPress has a security issue where anyone can upload files without permission. This can lead to attackers being able to download files from GitHub and change the plugin on the website, potentially allowing them to run their own code.