CVE-2023-4810 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The Responsive Pricing Table WordPress plugin before 5.1.8 does not sanitise and escape some of its settings, which…
CVE-2023-5454 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The Templately WordPress plugin before 2.2.6 does not properly authorize the `saved-templates/delete` REST API call, allowing unauthenticated users…
CVE-2023-5355 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing…
When you need to analyze some suspicious pieces of code, it’s interesting to detonate them in a sandbox. If you don’t have a complete sandbox environment available or you just want to avoid generatin noise on your network, why not route the traffic to a sinkhole or NULL-route (read: packets won’t be sent across the normal…
CVE-2023-5352 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit…
CVE-2023-5181 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which…
CVE-2023-5082 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The History Log by click5 WordPress plugin before 1.0.13 does not properly sanitise and escape a parameter before…
CVE-2023-5354 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The Awesome Support WordPress plugin before 6.1.5 does not sanitise and escape a parameter before outputting it back…
CVE-2023-5228 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The User Registration WordPress plugin before 3.0.4.2 does not sanitize and escape some of its settings, which could…
CVE-2023-4930 Detail Modified This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes. Description The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the directories where…
