Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2022-44740: Creative Mail – Easier WordPress & WooCommerce Email Marketing

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.

CVE
#csrf#vulnerability#web#wordpress#intel#php
CVE-2022-44634: S2W – Import Shopify to WooCommerce

Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress.

CVE-2022-44583: WatchTowerHQ

Unauth. Arbitrary File Download vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.

CVE-2022-42883: WordPress Quiz And Survey Master plugin <= 7.3.10 - Sensitive Information Disclosure vulnerability - Patchstack

Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin <= 7.3.10 on WordPress.

CVE-2022-42698: WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerability - Patchstack

Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress.

CVE-2022-40698: WordPress Quiz And Survey Master plugin <= 7.3.10 - Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.