The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new a
The Clasifico Listing plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0. This is due to the plugin allowing users who are registering new accounts to set
The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration hand
The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.0.4. This is due to the plugin not properly validating a user's capabilities prior to
The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.5. This is due to the 'findall_listing_user_registration_additional_params' fun
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.0. This is due to the stm_listing_profile_edit A
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user regi
The DWT - Directory & Listing WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.6. This is due to the plugin not
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the use of the property_package_user_role metadata in versions 1.0.5 to 1.0.6. This makes i
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the rp_user_profile() AJAX handler in versions 0.1.0 through 0.3.9. The handler
The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user
The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wp_user.php file in versions 1.2.10 to 1.3.0. This makes it possible fo
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insert_user' function not restricting
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a misconfigured
The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.3.16. This is due to the plugin allowing a user to supply the 'role' field when registering. Thi
The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to, and excluding, 1.5.4. This is due to the plugin allowing users who are registering new accounts to set th
The Buyent Classified plugin for WordPress (bundled with Buyent theme) is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugi
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated thr
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 5.2.7. This is d
Page 1+ Next →