CVE-2022-3357 - How a Smart Slider 3 Vulnerability Could Let Hackers Take Over WordPress Sites
In November 2022, a critical vulnerability was discovered in the popular Smart Slider 3 WordPress plugin. Identified as CVE-2022-3357, this security flaw could allow an
CVE-2022-3380 - Unrestricted Unserialization Vulnerability in Customizer Export/Import WordPress Plugin Prior to .9.5
The Customizer Export/Import WordPress plugin is a widely utilized utility that allows website administrators to effortlessly export and import settings of WordPress Customizer to
![CVE-2022-2190 The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $_SERVER['REQUEST_URI'] parameter, which could lead to Reflected Cross-Site Scripting in old browsers.](/content/images/size/w720/2022/12/CVE-2022-2190.png)
CVE-2022-2190 The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $_SERVER['REQUEST_URI'] parameter, which could lead to Reflected Cross-Site Scripting in old browsers.
when a malicious user sends a request to a site with this plugin installed and receives a response with a maliciously crafted request_uri value.
CVE-2022-3366 The PublishPress Capabilities plugin before 2.5.2 unserializes imported files, which could lead to PHP object injection attacks by administrators.
This issue has been fixed in version 2.6.1 of both plugins.
PublishPress Capabilities Pro WordPress plugin before 2.6.1 uses an insecure
CVE-2022-3771 - Critical Unrestricted File Upload in easyii CMS (VDB-212501) – Explained
In late 2022, a high-impact vulnerability surfaced in easyii CMS. Labeled as CVE-2022-3771 (also known as VDB-212501), it enables attackers to upload files without restriction
Episode
00:00:00
00:00:00