Failles de sécurité Plugins WordPress semaine 12

Failles de sécurité Plugins WordPress semaine 12

Author: WP Serveur

Date: March 17, 2020 

Category: Security

WPServeur vous informe des dernières failles de sécurité plugins et thèmes WordPress connues.

Plugins WordPress :

LearnPress < 3.2.6.7 - Privilege Escalation WordPress File Upload < 4.13.0 - Directory Traversal to RCE Popup Builder < 3.64.1 - Multiple Issues Font Awesome 4.0.0-RC15 & RC16 - API Token & Access Token Disclosure Import Export WordPress Users < 1.3.9 - Authenticated Arbitrary User Creation MStore API < 2.1.6 - Unauthenticated Arbitrary Account Creation/Edition Multiple WebToffee Plugins - Cross-Site Request Forgery (CSRF) Issue

Thèmes WordPress :

Fruitful < 3.8.2 - Authenticated Stored XSS & Theme Options Deletion Fruitful Theme <= 3.8 - Unauthenticated

This is the first part of the article “Failles de sécurité Plugins WordPress semaine 12“
written by WP Serveur.