CVE-2022-41788 - Authenticated Cross-Site Scripting (XSS) in Soledad WordPress Theme <= 8.2.5 – Explained
CVE-2022-41788 is a security vulnerability found in the premium WordPress theme Soledad, affecting all versions up to and including 8.2.5. This is an
CVE-2022-40963 - Multiple Auth. Stored Cross-Site Scripting (XSS) Flaws in WP Page Builder Plugin (<= 1.2.6) on WordPress
WordPress has millions of installs, so plugins are a favorite target for attackers. A serious set of vulnerabilities—now assigned CVE-2022-40963—was found in the
CVE-2022-41634 - How a CSRF Flaw in Media Library Folders Plugin Put WordPress Sites at Risk
CVE-2022-41634 is a serious vulnerability that affected the popular WordPress plugin *Media Library Folders*, up to version 7.1.1. This bug could let bad
CVE-2022-41839 - Exploiting Broken Access Control in LoginPress <=1.6.2 to Change Tracking Settings
Published: June 2024
Severity: Medium (CVSS 5.4)
Component: LoginPress – Custom Login Page Customizer
Vulnerable Versions: <= 1.6.2
Threat: Unauthenticated users can change
CVE-2022-41618 - Revealing Error Logs in Media Library Assistant WordPress Plugin (<= 3.00) — How It Works, Exploit Details, and Prevention
A high-risk security flaw was found in the popular *Media Library Assistant* plugin for WordPress. Tracked as CVE-2022-41618, this vulnerability allows unauthenticated users to access
Episode
00:00:00
00:00:00