Skip to content

Security For WordPress Plugin Vulnerabilities

莆田SEO网络安全研究

Wordpress Plugins Vulnerabilities

SEO Scout plugin <= 0.9.83 未经验证的函数调用导致配置修改

- August 26, 2022 - admin

由于没有对AJAX异常调用的时候进行nonce验证和当前角色权限的判断,从而导致了CSRF漏洞
漏洞详情—>https://patchstack.com/database/vulnerability/ab-rankings-testing-tool/wordpress-seo-scout-plugin-0-9-83-cross-site-request-forgery-csrf-vulnerability

Post navigation

Multivendor Marketplace Solution for WooCommerce < 3.8.12 - 未经授权的函数调用
accommodation-system < = 1.0.1 subscriber权限下CSRF漏洞导致敏感信息泄露

Recent Posts

  • CENTOS7 下安装mongodb
  • WordPress Read more By Adam plugin <= 1.1.8 - CSRF漏洞
  • WordPress Add Shortcodes Actions And Filters plugin <= 2.0.9 管理员后台出现XXS漏洞
  • WordPress YDS Support Ticket System plugin <= 1.0 -CSRF漏洞
  • WordPress PCA Predict plugin <= 1.0.3 管理员后台的XXS漏洞

Tags

Content Mask press elements exploit press elements vulnerabilities reserve ip lookup same ip website wordpress vulnerabilities wordpress插件安全,wordpress plugin vulnerabilities wordpress 插件漏洞,wordpress 漏洞 同服网站查询,同服网站查询

Archives

  • September 2022
  • August 2022
  • July 2022
  • May 2022
  • March 2022

Categories

  • linux日常
  • Tools for site analysis
  • Wordpress Plugins Vulnerabilities
Security For WordPress Plugin Vulnerabilities by PtsFence.