MailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting 27 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
ThemeREX Addons <= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data 27 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
Eventer <= 3.9.8 - Unauthenticated SQL Injection 27 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
Survey Maker <= 5.1.3.3 - Authenticated (Admin+) Stored Cross-Site Scripting via Survey Question 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
WC Affiliate – A Complete WooCommerce Affiliate Plugin <= 2.4 - Reflected Cross-Site Scripting 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
VikBooking Hotel Booking Engine & PMS <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
Membership Plugin – Restrict Content <= 3.2.13 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article
Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Reflected DOM-Based Cross-Site Scripting via content 25 January 2025 · Trust & Safety (Threat Alert)~ #CyberAdvisory, #InfoSec, #ThreatIntelligenceStay updated on cybersecurity threats to safeguard your systems and data from... Read Full Article