Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2022-44737: WordPress All In One WP Security plugin <= 5.1.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities - Patchstack

Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.

CVE
#csrf#vulnerability#ios#wordpress
CVE-2022-45363: WordPress Betheme premium theme <= 26.6.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (subascriber+) Stored Cross-Site Scripting (XSS) in Muffingroup Betheme theme <= 26.6.1 on WordPress.

WordPress BeTheme 26.5.1.4 PHP Object Injection

WordPress BeTheme theme version 26.5.1.4 suffers from multiple PHP object injection vulnerabilities when processing input.

CVE-2022-3861: Vulnerability Advisories Continued - Wordfence

The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions. This makes it possible for authenticated attackers, with contributor level permissions and above to inject a PHP Object. The additional presence of a POP chain would make it possible for attackers to execute code, retrieve sensitive data, delete files, etc..

CVE-2022-3763

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not have CSRF check in place when deleting files uploaded at the checkout, allowing attackers to make a logged in shop manager or admin delete them via a CSRF attack

CVE-2022-3762

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not validate files to download in some of its modules, which could allow ShopManager and Admin to download arbitrary files from the server even when they are not supposed to be able to (for example in multisite)

CVE-2022-3753

The Evaluate WordPress plugin through 1.0 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).

CVE-2022-3720

The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users

CVE-2022-3691

The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive information in its log files (which are publicly accessible), including DeepL API key.

CVE-2022-3690

The Popup Maker WordPress plugin before 1.16.11 does not sanitise and escape some of its Popup options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)