CVE-2024-35746 - Exploiting Unrestricted File Upload in BuddyPress Cover (<=2.1.4.2)
If you’re running a WordPress site with social networking features, there’s a decent chance you use the BuddyPress plugin. One popular add-on for
CVE-2024-22298 - Missing Authorization in TMS Amelia Bookings Plugin Can Lead to Unauthorized Access — Detailed Breakdown
In June 2024, CVE-2024-22298 was assigned to a critical security flaw found in the widely-used TMS Amelia WordPress plugin (also known as ameliabooking). This vulnerability
CVE-2024-32081 - How a Missing Authorization Vulnerability in Websupporter Filter Custom Fields & Taxonomies Light Puts WordPress Sites at Risk
The WordPress ecosystem is rich with plugins that make it easy to customize websites. But sometimes, plugins bring not just features, but also dangerous security
CVE-2024-31252 - Exploiting Missing Authorization in dFactory Responsive Lightbox (<=2.4.6)
WordPress plugins are a favorite target for attackers, and missing authorization bugs can lead to devastating consequences. CVE-2024-31252 is one such critical vulnerability, identified in
CVE-2024-31244 - Missing Authorization in Bricksforge up to 2..17 – Full Exploit Breakdown
In May 2024, a critical security hole, CVE-2024-31244, was discovered in the popular WordPress plugin, Bricksforge, up to and including version 2..17. This flaw
Episode
00:00:00
00:00:00