A vulnerability has been found in creativeon WHMCS Client Area Plugin up to 4.3-revision-3 on WordPress and classified as critical. Affected by this vulnerability is the function update_settings of the file /admin/ajax.php of the component Setting Hand…
A vulnerability, which was classified as critical, was found in creativeon WHMpress Plugin up to 6.3-revision-0 on WordPress. Affected is the function whmpress_domain_search_ajax_extended_results of the file /admin/services.php. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).
This vulnerability is traded as CVE-2024-9193. It is possible to launch the attack remotely. There is no exploit available.
A vulnerability classified as problematic was found in xlplugins NextMove Lite Plugin up to 2.19.0 on WordPress. This vulnerability affects the function _submit_uninstall_reason_action. The manipulation leads to missing authorization.
This vulnerabili…
A vulnerability, which was classified as critical, has been found in WP Swings WooCommerce Ultimate Gift Card Plugin up to 2.6.0 on WordPress. This issue affects the function mwb_wgm_preview_mail. The manipulation leads to unrestricted upload.
The ide…
A vulnerability classified as problematic has been found in wpbranch Tabs for WooCommerce Plugin up to 1.0.0 on WordPress. This affects the function product_has_custom_tabs. The manipulation leads to deserialization.
This vulnerability is uniquely ide…
The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant.
Cybersecurity company Kaspersky is trackin…
A vulnerability was found in timstrifler Exclusive Addons for Elementor Plugin up to 2.7.6 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Image Comparison Widget. The manipulation l…
A vulnerability was found in implecode Product Catalog Simple Plugin up to 1.7.11 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function show_products of the component Shortcode Handler. The manipulation leads…
A vulnerability was found in iqonicdesign KiviCare Plugin up to 3.6.7 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation of the argument u_id leads to sql injection.
This vulnerability is traded as CVE-…
A vulnerability was found in tomdever wpForo Forum Plugin up to 2.4.1 on WordPress and classified as problematic. This issue affects the function update. The manipulation leads to information disclosure.
The identification of this vulnerability is CVE…
