CVE-2023-47552 - Unpacking the CSRF Vulnerability in the Image Hover Effects WordPress Plugin (v ≤ 5.5)
---
WordPress is the backbone of millions of websites. Its ecosystem of plugins makes it easy to add cool features, but sometimes, they carry hidden dangers.
CVE-2023-47685 - Cross-Site Request Forgery (CSRF) in Lukman Nakib Preloader Matrix (All Versions up to 2..1)
If you work with the Preloader Matrix plugin by Lukman Nakib, you should be aware of CVE-2023-47685, a Cross-Site Request Forgery (CSRF)
CVE-2023-47757 - How a CSRF and Missing Authorization Bug in the AWeber WordPress Plugin Lets Attackers Exploit Your Site
*Published: June 2024 — By: WordSecWrite*
WordPress plugins are great for extending your website’s features, but they can open big security holes if not carefully
CVE-2023-47688 - How a CSRF Bug in Youtube SpeedLoad Plugin <= .6.3 Could Have Let Someone Hijack Your WordPress
---
A major issue was uncovered in an old—but still widely used—WordPress plugin called “Youtube SpeedLoad”, developed by Alexufo. If you have version .6.
CVE-2023-47646 - Authenticated Stored XSS in CedCommerce Recently Viewed And Most Viewed Products (<= 1.1.1)
In late 2023, security researchers discovered a serious bug in the CedCommerce Recently viewed and most viewed products WordPress plugin (versions up to and including
Episode
00:00:00
00:00:00