Privilege escalation vulnerability in WordPress ND Shortcodes For Visual Composer plugin.
The WordPress ND Shortcodes For Visual Composer plugin (10,000+ active installations), was prone to a critical privilege escalation vulnerability.
Search Results for: csrf
HTML injection vulnerability in WordPress Pirate Forms plugin.
The WordPress Pirate Forms plugin (200,000+ active installations) was prone to an HTML injection vulnerability that could be used to target the administrator.
Unauthenticated Stored XSS in WordPress Coming Soon Page and Maintenance Mode plugin.
The WordPress Coming Soon Page and Maintenance Mode (7,000+ active installations), was prone to unauthenticated stored XSS and settings reset vulnerabilities in version 1.7.8 and below.
Settings change and CSS injection in WordPress Ocean Extra plugin.
The WordPress Ocean Extra plugin, which has over 400,000 active installations, was prone to settings change and CSS injection vulnerabilities in version 1.5.8 and below.