Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2022-44577: WordPress Export Users With Meta plugin <= 0.6.8 - Auth. CSV Injection vulnerability - Patchstack

Auth. CSV Injection vulnerability in Export Users With Meta plugin <= 0.6.8 on WordPress.

CVE
Open in Source
#vulnerability#wordpress#auth
CVE-2022-44591: WordPress Anthologize plugin <= 0.8.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anthologize plugin <= 0.8.0 on WordPress.

CVE-2022-40200: WordPress wpForo Forum plugin <= 2.0.9 - Arbitrary File Upload vulnerability - Patchstack

Auth. (subscriber+) Arbitrary File Upload vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress.

CVE-2022-40694: WordPress News Announcement Scroll plugin <= 8.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in News Announcement Scroll plugin <= 8.8.8 on WordPress.

CVE-2022-41791: WordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability - Patchstack

Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.

CVE-2022-45072: WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.