DescriptionWordPress Plugin Plugin Chained Quiz before 1.1.8.2 suffers from a Reflected XSS vulnerability in the 'total_questions' POST parameter when a user completes a quiz. The code in question accepts the 'total_questions' parameter without escaping the special...
At WP Engine, we know our customers come to us for a fully managed, high performing WordPress digital experience platform. To meet customer needs, we’re constantly looking for ways to tweak our platform and make sure our customers are running the fastest and most...
Are you worried about the security of your WordPress plugin or theme? Are you sure they are safe to use? You should watch for these top 10 OWASP risks.You’re right to worry about whether your software is secure. As much as developers would like to create airtight...
Do you have multiple users on your WordPress website? Did you know hackers can exploit user accounts to take full control of your website? They can do this by taking advantage of what is known as a privilege escalation vulnerability.These vulnerabilities appear in...
DescriptionReflected Cross Site Scripting (XSS) issue on the [ld_profile] search field. First reported to Learndash on January 14, 2020, and update 3.1.2 to fix it was released same day. This report is based on an email LearnDash sent out to their users on January 14,...
DescriptionReflected XSS was discovered in the «ListingPro - WordPress Directory Theme», tested version — v2.5.3 Edit - WPScanTeam: January 13th, 2020 - Report Received & Envato Contacted January 13th, 2020 - Envato Investigating January 15th, 2020 - Theme...
We’ve come along way since WordPress was first launched. Back in the day, the feature called XML-RPC was extremely useful. In a time with slow internet speed and constant lags, it was difficult to write content online in real-time, like we do now. The XML-RPC function...
DescriptionMultiple vulnerabilities was discovered in the «Real Estate 7 WordPress», tested version — v2.9.4: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - Authenticated Persistent Self-XSS - IDOR - Information Exposure Edit (WPScanTeam): January...
DescriptionReflected & Persistent XSS vulnerability was discovered in the «Travel Booking WordPress Theme», tested version — v2.7.8.5 Edit (WPScanTeam): January 11th, 2020 - Report received & Envato contacted January 12th, 2020 - Report updated with Reflected...
DescriptionMultiple vulnerabilities was discovered in the «EasyBook – Directory & Listing WordPress Theme», tested version — v1.2.1: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR December 27th, 2019 - Envato Contacted January 6th, 2020 -...
DescriptionMultiple vulnerabilities was discovered in the «TownHub - Directory & Listing WordPress Theme», tested version — v1.0.2: - Unauthenticated XSS - Authenticated Persistent XSS - IDOR Edit (WPScanTeam): December 27h, 2019 - Envato Contacted January 5th,...
DescriptionMultiple vulnerabilities was discovered in the «CityBook - Directory & Listing WordPress Theme», tested version — v2.3.3: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR Edit (WPScanTeam): December 27h, 2019 - Envato Contacted...
We all know how important it is to keep the WordPress core, plugins, and themes up to date. Failing to do so will leave your website exposed to malicious hacks.Luckily, WordPress has had automatic background updates since version 3.7. However, by default automatic...
Proof of Concept It is possible to login as any administrator on the site due to logical mistakes in the code. The issue resides in the function iwp_mmb_set_request which is located in the init.php file. This checks if the request_params array of the core class is not...
Proof of Concept It is possible to login as an administrator on the site due to logical mistakes in the code. The issue resides in wptc-cron-functions.php line 12 where it parses the request. This parse_request function calls the function decode_server_request_wptc...
DescriptionThis plugin had no nonce checks on any of the settings to verify that a request came from a legitimate source, such as a logged in administrative user. Therefore, creating a CSRF to stored XSS in addition to significant setting changes. Source
We are starting 2020 with a bang! Today we are excited to release version 4 of WP Security Audit Log. This update is by far the biggest one we have done since we launched this plugin. Version 4 features the all new WordPress activity logs. Now it is much easier to...
A few weeks ago, our threat intelligence team discovered several vulnerabilities present in Minimal Coming Soon & Maintenance Mode – Coming Soon Page, a WordPress plugin installed on over 80,000 websites. The most severe weakness allowed for an attacker to exploit...
Looking for a nulled WordPress theme or plugin? But before you install and activate a nulled software on your website, have you considered the consequences of using them?If you are looking to cut costs, you may be tempted to use multipurpose WordPress theme and...
DescriptionThe export_users_csv function, registered as an authenticated AJAX call and allowing to export users, was missing the authorisation/capability check. CSRF check was in place, reducing the severity of the issue. Only version 1.15 seems to be affected as the...
Description"The Postie plugin for WordPress only allows posting of articles submitted by authorized users through a mailing list registered in the plugin settings. However through the email sender's spoofing technique, it was possible to bypass the plugin settings and...
