Archives: Vulnerabilities
Input validation vulnerability in WP Mailto Links – Protect Email Addresses 3.1.4
The WP Mailto Links plugin, used for WordPress, has a security issue in versions up to 3.1.4. This means that unauthorized individuals with high-level access can insert harmful code into certain pages, which will then run whenever someone visits those pages. This problem only affects certain types of WordPress installations.
Input validation vulnerability in WP Rentals – Booking Accommodation WordPress Theme 3.13.1
The Rentals theme for WordPress has a security issue called Cross-Site Request Forgery. It affects versions up to 3.13.1. This happens because a certain function does not properly check for a special code. As a result, someone who is not authorized can trick a site administrator into doing something without their permission. For example, they might click on a link that looks innocent but actually causes harm.
Input validation vulnerability in NIX Anti-Spam Light 0.0.4
The NIX Anti-Spam Light plugin for WordPress has a security issue where it is possible for someone to make unauthorized changes to a website. This can happen if a person is able to trick the website’s administrator into clicking on a link. This vulnerability exists in versions up to and including 0.0.4.
Input validation vulnerability in Email Subscription Popup 1.2.26
The Email Subscription Popup plugin for WordPress has a security vulnerability that allows hackers to inject harmful code into a website. This can happen if the attacker has administrator-level access and the website is set up for multiple users. To protect against this, make sure the “unfiltered_html” setting is disabled.
Input validation vulnerability in Post Featured Video 1.7
The Post Featured Video plugin for WordPress has a security issue in versions up to 1.7. This means that someone who is not authorized can trick a site administrator into doing something they shouldn’t, like clicking on a link.