CVE-2023-47685 - Cross-Site Request Forgery (CSRF) in Lukman Nakib Preloader Matrix (All Versions up to 2..1)
If you work with the Preloader Matrix plugin by Lukman Nakib, you should be aware of CVE-2023-47685, a Cross-Site Request Forgery (CSRF) vulnerability in all
CVE-2023-47757 - How a CSRF and Missing Authorization Bug in the AWeber WordPress Plugin Lets Attackers Exploit Your Site
*Published: June 2024 — By: WordSecWrite*
WordPress plugins are great for extending your website’s features, but they can open big security holes if not carefully
CVE-2023-47688 - How a CSRF Bug in Youtube SpeedLoad Plugin <= .6.3 Could Have Let Someone Hijack Your WordPress
---
A major issue was uncovered in an old—but still widely used—WordPress plugin called “Youtube SpeedLoad”, developed by Alexufo. If you have version
CVE-2023-47646 - Authenticated Stored XSS in CedCommerce Recently Viewed And Most Viewed Products (<= 1.1.1)
In late 2023, security researchers discovered a serious bug in the CedCommerce Recently viewed and most viewed products WordPress plugin (versions up to and including
CVE-2023-47654 - How a Contributor Could Hack Your Site With The BZScore WordPress Plugin (Explained)
CVE-2023-47654 is a vulnerability that lets low-privileged users (contributors and above) inject malicious code into WordPress sites using the “BZScore – Live Score” plugin, versions up
Episode
00:00:00
00:00:00