Archives: Vulnerabilities
Input validation vulnerability in Emu2 – Email Users 2 0.83b
The Emu2 plugin for WordPress has a security vulnerability in versions up to and including 0.83b. This means that the plugin does not properly protect against harmful scripts being inserted by attackers. If a user is tricked into clicking on a link, these scripts could be executed without their knowledge.
Input validation vulnerability in Carousel Block – Responsive Image and Content Carousel 1.1.5
A plugin called “B Carousel Block” for WordPress has a security issue in versions up to 1.1.5. This is because the plugin does not check the URLs provided by users before using them. This allows attackers with at least subscriber-level access to the website to make requests to any website they want. This can be used to access and change information from internal services.
Input validation vulnerability in Clanora – Cleaning Services WordPress Theme 1.3.1
The clanora theme for WordPress has a security issue where anyone can upload any type of file, even if they are not authorized. This can lead to hackers being able to upload harmful files onto the website’s server, potentially allowing them to take control of the site.
Access violation vulnerability in Wikipedia Preview 1.15.0
The Wikipedia Preview plugin for WordPress has a security issue that allows unauthorized users to access it without proper permission. This vulnerability affects all versions of the plugin up to 1.15.0.
Input validation vulnerability in Advanced Custom Fields : CPT Options Pages 2.0.9
The Advanced Custom Fields : CPT Options Pages plugin for WordPress has a security issue in versions up to 2.0.9. This can be exploited by hackers who are not logged in to the site and can trick a site administrator into clicking on a link. This allows them to perform an unauthorized action without permission.