Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2022-41692: WordPress Appointment Hour Booking plugin <= 1.3.71 - Missing Authorization vulnerability - Patchstack

Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress.

CVE
Open in Source
#vulnerability#wordpress#auth
CVE-2022-45066: WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability - Patchstack

Auth. (subscriber+) Broken Access Control vulnerability in WooSwipe WooCommerce Gallery plugin <= 2.0.1 on WordPress.

CVE-2022-44736: WordPress Chameleon plugin <= 1.4.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress.

CVE-2022-45069: WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability - Patchstack

Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.

CVE-2022-45077: WordPress Betheme theme <= 26.5.1.4 - Auth. PHP Object Injection vulnerability - Patchstack

Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress.