The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.6.8.2 via the 'render_content_block_template' function. This
The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget_file_delete' function in al
The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action in all versions up to, and including, 1.8
The LWS Cleaner plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'lws_cl_delete_file' function in all versions up to, and including, 2.4.1.
The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to unauthorized file deletion in versions up to, and including, 4.3.2.2 via the /wp-json/lp/v1/material/{file_id} REST API endpoint. T
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.1
The Kallyas theme for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the delete_font() function in all versions up to, and including, 4.21.0. This mak
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data(
The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in a
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfm_delete_multiple_files() function in all versions up to, a
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to unauthorized modification and deletion of data due to a missing capability checks on multi
The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'file' parameter in the file deletion functionality. This is due to insuf
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the savePackage function in all versions up to, and including, 3.3.12. Th
The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and includ
The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'database_backup_ajax_d
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wp
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the view_page function in all versio
The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the handle_actions() function in all versions up to, and including, 2.1
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check on the 'llms_delete_cert' action in all
Page 1+ Next →