CVE-2023-0551 - How a Simple Authorization Flaw in WordPress REST API TO MiniProgram Plugin Lets Any Subscriber Delete Attachments
In early 2023, a security vulnerability was discovered in the popular WordPress plugin REST API TO MiniProgram (version <= 4.6.1). This vulnerability, tracked
CVE-2023-3958 - Exploiting SSRF in WP Remote Users Sync for WordPress
Summary
CVE-2023-3958 is a critical security vulnerability found in the popular “WP Remote Users Sync” plugin for WordPress. Versions up to and including 1.2.
CVE-2022-4953 - How a Simple URL Slip in Elementor Opens the Door to WordPress Attacks
If you run a WordPress website, there’s a good chance you’ve heard of Elementor – it’s one of the most popular website builder
CVE-2023-4243 - Arbitrary File Upload Vulnerability in FULL – Customer WordPress Plugin Explained (with Exploit Details)
> This long-read post breaks down CVE-2023-4243—a critical flaw found in the FULL – Customer WordPress plugin. We'll walk through what it is,
CVE-2023-4242 - Information Disclosure Vulnerability in FULL - Customer WordPress Plugin
Published: 2024-06-02
Affected Plugin: FULL - Customer
Vulnerable Versions: Up to and including 2.2.3
Vulnerability Type: Information Disclosure
CVSS Score: 5.3 (Medium)
Episode
00:00:00
00:00:00