WordPress - CVE CyberSecurity Database News (Page 156)

Nov 18, 2022 WordPress

CVE-2022-43482 Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress.

This vulnerability allows attackers to steal users’ information by tricking them into visiting a malicious website or email. When you update your WP app book

Nov 18, 2022 CSRF WordPress API Exploit Constant Contact Creative Mail (WordPress plugin)

CVE-2022-40687 - Breaking Down the CSRF Flaw in Creative Mail Plugin <= 1.5.4 for WordPress

--- Introduction On September 27, 2022, a security flaw was reported as CVE-2022-40687—marking a significant vulnerability in the Creative Mail plugin for WordPress up

Nov 18, 2022 CSRF XSS WordPress Carlos Doral Mantenimiento web (WordPress plugin)

CVE-2022-38075 - How a CSRF Bug in Mantenimiento Web Plugin Leads to Stored XSS on WordPress

Table of Contents Introduction WordPress is the most popular Content Management System (CMS) in the world. Its plugin ecosystem brings great flexibility—but also opens

Nov 18, 2022 WordPress ExpressTech Quiz And Survey Master (WordPress plugin)

CVE-2022-41652 - How Attackers Bypass Quiz And Survey Master Plugin (WordPress <= 7.3.10)

If you use WordPress to run quizzes or surveys, you might be using the Quiz And Survey Master (QSM) plugin. This plugin helps you create

Nov 18, 2022 WordPress PHP Collne Inc. Welcart e-Commerce (WordPress plugin)

CVE-2022-41840 - Unauthenticated Directory Traversal Vulnerability in Welcart eCommerce <= 2.7.7 for WordPress

--- Introduction A critical vulnerability dubbed CVE-2022-41840 was discovered in the Welcart eCommerce WordPress plugin, affecting all versions up to and including 2.7.7.