Jan 14, 2020 | WordPress Vulnerabilities
Proof of Concept It is possible to login as an administrator on the site due to logical mistakes in the code. The issue resides in wptc-cron-functions.php line 12 where it parses the request. This parse_request function calls the function decode_server_request_wptc...
Jan 3, 2020 | WordPress Vulnerabilities
DescriptionThe export_users_csv function, registered as an authenticated AJAX call and allowing to export users, was missing the authorisation/capability check. CSRF check was in place, reducing the severity of the issue. Only version 1.15 seems to be affected as the...
Jan 3, 2020 | WordPress Vulnerabilities
Description”A code injection vulnerability was discovered by our team during a routine code audit that could allow logged in contributors, authors and editors to execute a small set of PHP functions.” Affected: Divi version 3.23 and above, Extra 2.23 and...
Dec 27, 2019 | WordPress Vulnerabilities
DescriptionThe gdpr_cookie_compliance_reset_settings AJAX action registered for authenticated users lacks authorisation and CSRF checks, allowing unauthorised authenticated users to call it, which would result in the settings being reset.
Nov 28, 2019 | WordPress Vulnerabilities
<html> <body> <form action=”http://URL/wp-admin/admin.php?page=wp-maintenance” method=”POST”> <input type=”hidden” name=”action” value=”update_general” /> <input...
Nov 8, 2019 | WordPress Vulnerabilities
Video POC (for <= 1.9.4): https://drive.google.com/open?id=19-sin0HB97L0tPMUAaGjgE5KjP4lXSuw Create a SVG with payload below to trigger XSS: “`<?xml version=”1.0″ standalone=”no”?> <svg viewBox=”0 0 100 100″...
