Archives: Vulnerabilities
Input validation vulnerability in VikRestaurants Table Reservations and Take-Away 1.4
The VikRestaurants Table Reservations and Take-Away plugin for WordPress has a security issue in versions 1.4 and below. This issue, known as Stored Cross-Site Scripting, allows attackers who have administrator-level access or higher to insert harmful web scripts on certain pages. These scripts will run whenever a user visits the affected page. This problem only affects websites with multiple installations or where certain security measures have been disabled.
Input validation vulnerability in Penci Shortcodes & Performance 6.1
The Penci Shortcodes & Performance plugin for WordPress has a security issue that can allow hackers to insert harmful code into web pages. This can happen if an attacker has a certain level of access and can affect any user who visits the affected page.
Input validation vulnerability in Library Bookshelves 5.11
A tool called the Library Bookshelves plugin for WordPress has a security issue in versions 5.11 and below. This means that people who have access to the plugin can insert harmful code into web pages, which will run when someone visits that page.
Access violation vulnerability in Image Hover Effects – Elementor Addon 1.4.4
The Image Hover Effects – Elementor Addon plugin for WordPress has a security issue that allows people to access it without permission. This can be done by attackers who have at least subscriber-level access.
Input validation vulnerability in No External Links 5.1.4
A plugin called “Mihdan: No External Links” for WordPress is not secure and can be easily manipulated by hackers. This vulnerability is present in versions 5.1.4 and below. The issue is caused by a missing or incorrect security measure, which allows attackers who are not logged in to the website to perform an unauthorized action. This can happen if they trick the website’s administrator into clicking on a link.