17 Jan

Vulnerability Details: Cross-Site Request Forgery (CSRF)/Remote Code Execution (RCE) in Companion Revision Manager

This Vulnerability Details post about a vulnerability in the plugin Companion Revision Manager provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

16 Jan

Vulnerability Details: Privilege Escalation in SG Optimizer

This Vulnerability Details post about a vulnerability in the plugin SG Optimizer provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

16 Jan

Vulnerabilty Details: Reflected Cross-Site Scripting (XSS) in spam-byebye

Our Vulnerability Details posts provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

14 Jan

Vulnerability Details: Authenticated Arbitrary File Viewing in Health Check & Troubleshooting

This Vulnerability Details post about a vulnerability in the plugin Health Check & Troubleshooting provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

08 Jan

Vulnerability Details: Cross-Site Request Forgery (CSRF)/SQL Injection in Ninja Forms

This Vulnerability Details post about a vulnerability in the plugin Ninja Forms provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

04 Jan

Vulnerability Details: Reflected Cross-Site Scripting (XSS) in Ninja Forms

This Vulnerability Details post about a vulnerability in the plugin Ninja Forms provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

03 Jan

Vulnerability Details: Arbitrary File Upload in JS Job Manager

This Vulnerability Details post about a vulnerability in the plugin JS Job Manager provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

20 Dec

Vulnerability Details: Arbitrary File Upload In LearnPress

This Vulnerability Details post about a vulnerability in the plugin LearnPress provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

18 Dec

Vulnerability Details: Privilege Escalation in Under Construction 

This Vulnerability Details post about a vulnerability in the plugin Under Construction provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

14 Dec

Vulnerability Details: Reflected Cross-Site Scripting (XSS) in WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

This Vulnerability Details post about a vulnerability in the plugin WooCommerce PDF Invoices Packing Slips Delivery Notes & Shipping Labels provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.