Failles et vulnérabilités de WordPress

Vulnérabilités WordPress 2021 semaine 19 via Patchstack

Blog Failles et vulnérabilités de WordPress Vulnérabilités WordPress 2021 semaine 19 via Patchstack
0 commentaire

Vulnérabilités découvertes dans les extensions, thèmes et coeur de WordPress du 10 au 16 mai 2021

PowerPress Podcasting

Multiple Authenticated Cross-Site Scripting (XSS) vulnerabilities discovered by Lenon Leite in the WordPress PowerPress Podcasting plugin (versions <= 8.6.1).


External Media

Authenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE) discovered by WordFence in WordPress External Media plugin (versions <= 1.0.33).


LifterLMS

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Amirmuhammad Vakili in WordPress LMS by LifterLMS plugin (versions <= 4.21.0).


LifterLMS

Reflected Cross-Site Scripting (XSS) vulnerability discovered by Ashish Jha (Bluefire Redteam) in WordPress LifterLMS plugin (versions <= 4.21.0).


WordPress

Object injection in PHPMailer vulnerability discovered in WordPress (one security issue affecting WordPress versions between 3.7 and 5.7).


Tenez vous à jour !

Merci à Patchstack.com

0 commentaire