Archives: Vulnerabilities
Access violation vulnerability in atec Duplicate Page & Post 1.2.20
The ATEC Duplicate Page & Post plugin for WordPress has a security issue where unauthorized users can duplicate posts without proper authorization. This can lead to sensitive information being exposed.
Access violation vulnerability in Locker Content 1.0.0
The Locker Content plugin for WordPress has a security issue in version 1.0.0. This can allow people who are not logged in to access and view protected content from posts using the ‘lockerco_submit_post’ AJAX endpoint.
Input validation vulnerability in Penci Filter Everything 1.7
A tool called Penci Filter Everything, which is used on WordPress websites, has a security issue in versions 1.7 and earlier. This means that hackers with certain levels of access can add harmful code to pages, which will run when someone visits those pages.
Access violation vulnerability in AppPresser – Mobile App Framework 4.5.0
The AppPresser plugin for WordPress allows for the creation of mobile apps, but it has a security flaw that could allow unauthorized access to sensitive data. This flaw affects all versions of the plugin up to and including version 4.5.0. Attackers who are not logged in could potentially access information such as the names and versions of installed plugins and themes. This information could be used to target outdated or vulnerable components, making them more vulnerable to attacks.
Input validation vulnerability in Robokassa payment gateway for Woocommerce 1.8.1
The Robokassa payment gateway, a plugin for Woocommerce on WordPress, has a security issue that allows attackers to inject harmful web scripts into pages. This can happen if a user is tricked into clicking on a link.