CVE-2023-5466 - SQL Injection Vulnerability in WP Anything Slider Plugin Explained
*WordPress* is the world’s most popular CMS, so plugins that aren’t secure can have massive consequences. In this article, we’ll dig deep
CVE-2023-5382 - How a Simple CSRF Bug Could Let Attackers Delete Your WordPress Posts via Funnelforms Free
---
Summary:
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the popular Funnelforms Free WordPress plugin, affecting versions up to and including 3.
CVE-2023-5385 - How a WordPress Plugin Let Low-Permission Users Copy Any Post (Funnelforms Free <= 3.4)
Date: June 2024
Severity: Medium
Exploitability: Authenticated (Subscriber+)
>The Funnelforms Free plugin for WordPress, up to version 3.4, contains a security vulnerability (CVE-2023-5385)
CVE-2023-5383 - Exploiting WordPress Funnelforms Free Plugin CSRF Vulnerability (Versions ≤ 3.4)
---
Published: June 2024
Affected Plugin: Funnelforms Free (≤ 3.4)
Vulnerability: Cross-Site Request Forgery (CSRF)
CVE: CVE-2023-5383
Severity: Medium
Impact: Unauthorized copying of arbitrary posts
CVE-2023-5386 - How a Funnelforms Free Plugin Flaw Lets Any Subscriber Delete Your WordPress Posts
Date Discovered: October 2023
Affected Plugin: Funnelforms Free for WordPress
Vulnerable Version: Up to and including 3.4
CVSS Score: 8.8 (High)
Original Advisory: