The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is due to the 'RadMoreAjax::importData' function not restricting
The WP-GeoMeta plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wp_ajax_wpgm_start_geojson_import() function in versions 0.3.4 to 0.3.5. This makes i
The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_import_strings() functio
The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action. This makes it possible for authenticated attackers to change
The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusic_ajax' function in all
The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the _ajax_get_total_content_import_item
The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminz_import_backup() functi
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated thr
The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' f
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insert_user' function not restricting
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the
The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for WordPress is vulnerable arbitrary SQL Execution and privilege escalation due to a missing capability check on t
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handle_request() f
The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8 via the `save_extra_user_profile_fields()` function. This
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtra_import_xml() function in all versions up to, and including, 1.2
The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ux_cb_tools_import_item_aj
The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.7. This is due to missing or incorrect nonce validation on the addN
The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insuf
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the `rcp_setup_registration_init()` fun
The Read More & Accordion plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the expmDeleteData() function in all versions up to, and
Page 1+ Next →