Failles de sécurité Plugins WordPress semaine 23

Failles de sécurité Plugins WordPress semaine 23

Author: WP Serveur

Date: June 4, 2020 

Category: Security

WPServeur vous informe des dernières failles de sécurité plugins et thèmes WordPress connues.

Plugins WordPress :

AdRotate < 5.8.4 - Authenticated SQL Injection JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) Multi Scheduler <= 1.0.0 - Arbitrary Record Deletion via CSRF bbPress < 2.6.5 - Authenticated Stored Cross-Site Scripting via the forums list table / Unauthenticated Privilege Escalation bbPress 2.6-2.6.5 - Authenticated Privilege Escalation via the Super Moderator feature Final Tiles Gallery < 3.4.19 - Authenticated Stored Cross-Site Scripting (XSS)

Thèmes WordPress :

Careerfy < 3.9.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) Newspaper < 10.3.4 - Authenticated Reflected Cross-Site

This is the first part of the article “Failles de sécurité Plugins WordPress semaine 23“
written by WP Serveur.