MagicForm – WordPress Form Builder <= 1.6.2 - Missing Authorization

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

Jupiter X Core <= 4.8.7 - Authenticated (Contributor+) SVG Upload to Local File Inclusion (Remote Code Execution)

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

Jupiterx Core <= 4.8.7 - Authenticated (Contributor+) Arbitrary File Read

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

Directorist – AI-Powered WordPress Business Directory Plugin with Classified Ads Listings <= 8.0.12 - Unauthenticated User Information Exposure

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

aThemes Addons for Elementor <= 1.0.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

WordPress Contact Forms by Cimatti <= 1.9.4 - Missing Authorization to Unauthenticated Form Submission Download

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

WooCommerce Customers Manager <= 31.3 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

RapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting Reset

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

ELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article

Site Search 360 <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

• 31 January 2025 · Trust & Safety
• (Threat Alert)
• ~ #CyberAdvisory, #InfoSec, #ThreatIntelligence

Stay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article