CVE-2022-3180: WPGateway Plugin for WordPress Privilege Escalation Vulnerability - Creating Malicious Administrator Accounts
A critical vulnerability has been discovered in the WPGateway Plugin for WordPress, affecting versions up to and including 3.5. This vulnerability, assigned the Common
CVE-2024-13440 - Critical SQL Injection in Super Store Finder WordPress Plugin (Up to v7.) — How It Works, Exploit Details & Code Example
CVE-2024-13440 is a newly identified vulnerability found in the popular Super Store Finder plugin for WordPress. If you’re running any version up to 7.
CVE-2025-0169 - Exploiting Stored Cross-Site Scripting (XSS) in DWT - Directory & Listing WordPress Theme (<= 3.3.4)
The web is full of themes and plugins that make WordPress shine, but sometimes, a simple oversight in code can lead to serious security holes.
CVE-2025-0316 - Authentication Bypass in WordPress Directorybox Manager Plugin ≤ 2.5 - Full Analysis and Exploit
CVE-2025-0316 is a critical vulnerability affecting the popular Directorybox Manager plugin for WordPress. Versions up to and including 2.5 are impacted. The flaw lets
CVE-2025-25103 - Cross-Site Request Forgery (CSRF) in bnielsen Indeed API (up to .5)
Cross Site Request Forgery (CSRF) continues to make the headlines, and now it’s bnielsen’s Indeed API plugin’s turn. If you’re running
Episode
00:00:00
00:00:00