CVE-2023-2745 - Directory Traversal in WordPress Core – What Happened, How it Works, and Real-World Dangers
WordPress powers over 40% of the web, but that popularity makes it a lucrative target for hackers. In this long read, we’ll break down
CVE-2023-32243 - How Improper Authentication in Essential Addons for Elementor Lets Attackers Take Over WordPress Sites
Published: June 2024
Vulnerability Type: Improper Authentication / Privilege Escalation
Affected Plugin: WPDeveloper Essential Addons for Elementor
Affected Versions: 5.4. up to 5.7.1
CVE-2023-30777 - Unauthenticated Reflected XSS in Advanced Custom Fields Pro/ACF Plugin (<=6.1.5) Explained
In 2023, a dangerous security hole was found in one of WordPress’s most popular plugins: Advanced Custom Fields (ACF) and Advanced Custom Fields Pro
CVE-2023-1196 - Breaking Down the PHP Object Injection in ACF Plugins for WordPress (Exploit, Explanation & Code Example)
WordPress powers over 40% of the web, making plugins like Advanced Custom Fields (ACF) extremely popular for site customization. But with popularity comes attention from
CVE-2022-45838 - How ARForms Form Builder Plugin <= 1.5.5 Can Be Tricked With Simple Stored XSS (And How To Stay Safe)
The internet is loaded with websites powered by WordPress, and if you've used forms on your site, maybe you've heard about
Episode
00:00:00
00:00:00