CVE-2023-40003 - Exploiting Missing Authorization in weDevs WP Project Manager (n/a – 2.6.7)
WordPress plugins are awesome for building and managing your website, but sometimes small mistakes can lead to big security problems. One such problem was found
CVE-2023-39305 - How Missing Authorization in YetAnotherStarsRating.com Lets Attackers Exploit Your WordPress Stars Ratings
CVE-2023-39305 is a security vulnerability discovered in the popular WordPress plugin Yet Another Stars Rating (YASR). This vulnerability exists in every version up
CVE-2023-33998 - Missing Authorization in Easy Social Icons Plugin – Detailed Exploit Breakdown
---
Overview
In June 2023, a vulnerability was discovered and published as CVE-2023-33998, affecting the popular WordPress plugin Easy Social Icons (versions up to
CVE-2023-39920 - Exposing Your WordPress Site with Missing Authorization in Redirection for Contact Form 7
CVE-2023-39920 is a security vulnerability that affects the popular WordPress plugin Redirection for Contact Form 7 (versions up to 2.9.2). This
CVE-2024-11275 - Critical Vulnerability in WP Timetics Plugin Lets Customers Delete Any Users – Full Analysis & Exploit Demo
Discovered: Early 2024
Severity: High
Affected Plugin: WP Timetics
Vulnerable Versions: ≤ 1..27
Plugin Purpose: Appointment booking & scheduling with AI features
Bug Type: Broken
Episode
00:00:00
00:00:00