Archives: Vulnerabilities
Input validation vulnerability in wpForo Forum 2.4.8
The wpForo Forum plugin for WordPress has a security vulnerability that can be exploited by attackers. This is due to a lack of validation on certain parameters, specifically ‘offset’ and ‘row_count’. This can allow attackers to inject malicious code and gain access to sensitive information stored in the database. The vulnerability affects all versions of the plugin up to 2.4.8.
Input validation vulnerability in RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator 5.1.0
The RSS Aggregator plugin for WordPress, called Feedzy, has a security issue that affects all versions up to 5.1.0. This vulnerability, known as Server-Side Request Forgery, allows attackers with Subscriber-level access or higher to make requests to other websites from within the plugin. This can potentially give them access to sensitive information from internal services.
Access violation vulnerability in Masterstudy Elementor Widgets 1.2.4
The Masterstudy Elementor Widgets plugin for WordPress has a security issue that could allow unauthorized access. This means that people who are not supposed to be able to make changes could potentially do so.
Access violation vulnerability in Masterstudy Elementor Widgets 1.2.4
The Masterstudy Elementor Widgets plugin for WordPress has a security issue that allows unauthorized users to access it. This is because the plugin does not check for proper permissions before performing a certain function. This means that anyone with at least Subscriber-level access can do something they are not supposed to do.
Input validation vulnerability in Discussion Board – WordPress Forum Plugin 2.5.5
The Discussion Board – WordPress Forum Plugin for WordPress has a security issue that allows anyone with Subscriber-level access or above to run shortcodes without proper validation. This can be exploited by malicious individuals.