CVE-2022-45082 Multiple Auth
XSS vulnerabilities can be exploited to steal sensitive information or redirect users to another site where they can be extorted. White-hath (CVE-2016-3334) - Stored Cross-Site
CVE-2022-45073 REST API Authentication plugin = 2.4.0 has a CSRF vulnerability.
REST API Authentication plugin is used to protect your WordPress REST API based authentication with username and password. REST API Authentication plugin has a security
CVE-2022-44584 Unauth. Arbitrary File Deletion vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.
To achieve this, an attacker can trick users into installing a malicious plugin. Once a malicious plugin has been installed, an attacker can then send
CVE-2022-42497 Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress.
A remote attacker could potentially execute arbitrary code on the server via a specially-crafted request. Api2Cart Bridge Connector plugin is used by a large number
CVE-2022-42461 Google Authenticator plugin = 5.6.1 has a Broken Access Control vulnerability.
If a WordPress site is using the miniOrange plugin to generate one-time password codes, then there is a risk of a remote code entry attack.
Episode
00:00:00
00:00:00