CVE-2023-47226 - How an Authenticated (Admin+) Stored XSS in Post Sliders & Post Grids WordPress Plugin (<= 1..20) Can Affect Your Site
In 2023, security researchers found a significant vulnerability in the WordPress plugin "Post Sliders & Post Grids by I Thirteen Web Solution." This
CVE-2023-46643 - Unauthenticated Reflected Cross-Site Scripting (XSS) Vulnerability in the CloudNet360 WordPress Plugin (<= 3.2.)
---
Overview
On October 30th, 2023, a security vulnerability was publicly disclosed affecting CloudNet360, a popular WordPress plugin developed by Gary Jezorski. Tracked as CVE-2023-46643,
CVE-2023-46642 - Authenticated Stored XSS in SAHU TikTok Pixel for E-Commerce WordPress Plugin <= 1.2.2
If you're running an online store with WordPress and using the SAHU TikTok Pixel for E-Commerce plugin (version 1.2.2 or below)
CVE-2023-5818 - Exploiting CSRF in Amazonify WordPress Plugin to Hijack Amazon Tracking ID
On WordPress sites, plugins often handle sensitive configuration settings. When these plugins have security holes, malicious actors risk stealing sensitive data or causing major problems.
CVE-2023-5703 - How Gift Up Gift Cards for WooCommerce Became a Target for Stored XSS
The WordPress ecosystem runs on thousands of plugins, which add new features and value to every type of website. One of those plugins is Gift
Episode
00:00:00
00:00:00