Archives: Vulnerabilities
Access violation vulnerability in Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates 2.4.5
The Animation Addons for Elementor is a plugin for WordPress that helps add animations and templates to websites. Unfortunately, there is a security issue with this plugin that allows unauthorized people to access it. This means that someone who shouldn’t have access to the plugin could delete important content from a website.
Access violation vulnerability in Simple Like Page Plugin 1.5.3
The Simple Like Page plugin for WordPress has a security issue that allows unauthorized access. This is because it does not have a check in place to ensure only authorized users can use certain functions. As a result, attackers who are not logged in can perform actions that they should not be able to.
Input validation vulnerability in Hammas Calendar 1.5.11
The Hammas Calendar plugin used in WordPress has a security issue that allows hackers to inject harmful code into web pages. This can be done by exploiting the ‘apix’ parameter in the ‘hp-calendar-manage-redirect’ shortcode. This vulnerability affects all versions up to 1.5.11 and can be used by attackers with Contributor-level access or higher. The injected code will then run whenever a user visits the affected page.
Output validation vulnerability in Tennis SportClub – Tennis Sports Events WordPress Theme 1.2.3
The Tennis SportClub – Tennis Sports Events WordPress Theme for WordPress can be hacked in versions 1.2.3 and below due to a vulnerability called PHP Object Injection. This means that someone who is not authorized to access the website can insert a malicious code and potentially delete important files, access private information, or run their own code. There is no known solution for this issue, but if any additional plugins or themes are installed on the website, it could make
Input validation vulnerability in Poll, Survey & Quiz Maker Plugin by Opinion Stage 19.6.25
A popular plugin for WordPress, called the Poll, Survey & Quiz Maker Plugin by Opinion Stage, has a security issue that could allow hackers to insert harmful scripts into web pages. This can happen because the plugin does not properly clean up and protect user input. As a result, attackers could inject their own code into web pages, which could then run when users visit those pages.