CVE-2022-27855 - Exploiting CSRF in Fatcat Apps Analytics Cat Plugin for WordPress (<= 1..9)
A serious Cross-Site Request Forgery (CSRF) vulnerability, tracked as CVE-2022-27855, was discovered in the Fatcat Apps *Analytics Cat* plugin (version 1..9 and below) for
CVE-2022-41136 - How a CSRF Flaw Opened Doors to Stored XSS in the Shortcodes Ultimate WordPress Plugin (v5.12. and Below)
If you’re running a WordPress site and use the popular “Shortcodes Ultimate” plugin by Vladimir Anokhin, you might have heard about a dangerous security
CVE-2022-27914 - Reflected XSS in Joomla! com_media Explained with Exploit Details
Joomla! is one of the world’s most popular content management systems (CMS) used by millions of websites. However, between versions 4.. and 4.2.
CVE-2022-41980 - Authenticated XSS Vulnerability in Mantenimiento Web Plugin <= .13 for WordPress
In recent years, WordPress has cemented its place as the world’s most popular CMS. But popularity draws attention not only from developers, but also
CVE-2022-30545 - Exploiting Authenticated Reflected XSS in 5 Anker Connect WordPress Plugin (≤ 1.2.6)
Vulnerabilities within WordPress plugins can open the doors for attack, even for sites that seem secure at first glance. One case in point is