CVE-2023-51484 - Improper Authentication Vulnerability in "Login as User or Customer" (User Switching) WordPress Plugin Leads to Privilege Escalation
There is a recently discovered vulnerability in the plugin named "Login as User or Customer" (User Switching) which allows an attacker to escalate
CVE-2023-51477 - Improper Authentication Vulnerability in BuddyBoss Theme Exposes Functions and ACL Constraints
---
Summary
A newly discovered improper authentication vulnerability exists in the BuddyBoss Theme through versions 2.4.60. This vulnerability is labeled as CVE-2023-51477 and
CVE-2023-48763: Basic XSS Vulnerability in Crocoblock's JetFormBuilder Plugin Allows Code Injection
A Basic Cross-Site Scripting (XSS) vulnerability has been discovered in the popular Crocoblock JetFormBuilder plugin for WordPress. This vulnerability allows attackers to inject malicious code,
CVE-2024-28890: Forminator Plugin Unrestricted File Upload Vulnerability in Versions Prior to 1.29.
Recently, a serious vulnerability, CVE-2024-28890, was identified in the Forminator plugin before version 1.29., which is widely used in various websites. This vulnerability is
CVE-2024-31077: Forminator SQL Injection Vulnerability Affecting Versions Prior to 1.29.3 – Exploit Details, Code Snippet, and Fixes
CVE-2024-31077 refers to a dangerous SQL injection vulnerability present in Forminator, a popular WordPress plugin, affecting versions prior to 1.29.3. This vulnerability can
Episode
00:00:00
00:00:00