CVE-2023-47838 - Exploiting Missing Authorization in Conditional Fields for Contact Form 7 (n/a–2.4.1)
On November 22, 2023, CVE-2023-47838 was published, describing a Missing Authorization vulnerability in the popular WordPress plugin, Conditional Fields for Contact Form 7 by Jules
CVE-2023-47871 - Exploiting Missing Authorization in IT Path Solutions Contact Form to Any API (up to v1.1.6)
CVE-2023-47871 is a critical security vulnerability affecting the WordPress plugin Contact Form to Any API by IT Path Solutions, versions up to and including 1.
CVE-2024-12209 - How a WordPress Plugin Backup Feature Lets Hackers Take Over Your Site
In early 2024, a critical vulnerability was discovered in the WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress. This plugin is often used
CVE-2024-11457 - Feedpress Generator Plugin Exploit – Reflected XSS in WordPress
In early 2024, a security vulnerability was discovered in the popular Feedpress Generator – External RSS Frontend Customizer plugin for WordPress. The plugin lets website owners
CVE-2024-11380 - Stored XSS in WordPress Mini Program API Plugin (qvideo Shortcode) All Versions ≤ 1.4.5 – Explained & Exploited
WordPress is the world’s favorite CMS, but sometimes its power comes with risk. On February 26, 2024, a security flaw was reported in the
Episode
00:00:00
00:00:00