Archives: Vulnerabilities
Input validation vulnerability in Easy Upload Files During Checkout 2.9.8
A plugin called Easy Upload Files During Checkout for WordPress has a security issue. It doesn’t check the type of files being uploaded, so attackers could upload harmful JavaScript files. This could allow them to control the website remotely.
Access violation vulnerability in WpResidence 5.3.2
The WordPress theme called WpResidence has a security issue that allows people to access it without permission. This is because there is a function that doesn’t check for the right capabilities. Even the latest version, 5.3.2, has this vulnerability, which means that anyone who is not logged in can do things they shouldn’t be able to do.
Input validation vulnerability in Likert Survey Master 0.8.0.1
A popular plugin for WordPress called Likert Survey Master has a security issue that affects all versions up to 0.8.0.1. This means that hackers can insert harmful code into a website if they can get a user to click on a link.
Input validation vulnerability in Translate WordPress with ConveyThis 266
The WordPress plugin, Language Translate Widget for WordPress – ConveyThis, is at risk of being attacked by malicious users. This can happen if the plugin is not updated to the latest version (266) and if it receives input from untrusted sources. This can potentially allow the attacker to inject a malicious code and gain access to sensitive information. However, if the website has additional plugins or themes with a POP chain, the attacker can delete files, retrieve important data, or
Input validation vulnerability in Range Slider Addon for Gravity Forms 1.1.6
The Range Slider Addon for Gravity Forms plugin on WordPress has a security issue in versions up to 1.1.6. This means that it does not properly protect against harmful code being added to a page, allowing unauthorized people to add their own code that will run whenever someone visits that page.