Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2022-41155: iQ Block Country

Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress.

CVE
Open in Source
#sql#vulnerability#web#google#cisco#wordpress#php#perl#pdf#auth#ssl
CVE-2022-45369: WordPress Plugin for Google Reviews plugin <= 2.2.2 - Auth. Broken Access Control vulnerability - Patchstack

Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress.

CVE-2022-43492: Comments – wpDiscuz

Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress.

CVE-2022-44740: Creative Mail – Easier WordPress & WooCommerce Email Marketing

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.

CVE-2022-44634: S2W – Import Shopify to WooCommerce

Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress.

CVE-2022-44583: WatchTowerHQ

Unauth. Arbitrary File Download vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.

CVE-2022-42883: WordPress Quiz And Survey Master plugin <= 7.3.10 - Sensitive Information Disclosure vulnerability - Patchstack

Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin <= 7.3.10 on WordPress.

CVE-2022-42698: WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerability - Patchstack

Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress.