CVE-2022-0874 - How a Simple XSS Vulnerability in WP Social Buttons Plugin Exposed Your WordPress Site
---
Introduction
WordPress is the world’s most popular CMS, and with that comes risks — especially from plugins. CVE-2022-0874 is a critical security flaw in
CVE-2022-1338 The Easily Generate Rest API Url WordPress plugin has settings that allow high privilege users to perform XSS attacks.
When creating a new REST API, the plugin allows for the setting of the allowed_origins capability, which if left empty defaults to the setting
CVE-2022-1239 - How a HubSpot WordPress Plugin Bug Could Let Attackers Trick Your Server (With Code and Exploit Walkthrough)
If you use WordPress with the HubSpot plugin, a security bug could be putting your website at risk. This bug, tracked as CVE-2022-1239, allows users
CVE-2022-1329 - Critical Remote Code Execution Flaw in Elementor Website Builder Plugin for WordPress
In today’s post, we’ll dive deep into CVE-2022-1329, a severe vulnerability in the very popular Elementor Website Builder WordPress plugin. This flaw allowed
CVE-2022-0765 The Loco Translate plugin before 2.6.1 has an
inline events in the source translation strings that can be
accessed by any user.
This issue was fixed in version 2.6.2, released on December 20, 2017. In the latest version, 2.6.5, released on March 27,
Episode
00:00:00
00:00:00