Tag Archives: Arbitrary Directory Deletion

1 Jul 2019

Vulnerability Details: Arbitrary File Upload in Insert or Embed Articulate Content into WordPress

One area where WordPress plugins need to be very careful when it comes to security is handling file uploads. The plugin Insert or Embed Articulate Content into WordPress hasn’t been doing that and it seems the developer doesn’t have the capability to handle that.

…

[Read more]

20 Feb 2019

Vulnerability Details: Arbitrary Directory Deletion Vulnerability in WP Fastest Cache

One of the changelog entries for the latest version of WP Fastest Cache is “to fix cache deletion security issue of WP-PostRatings (CVE-2019-6726 by Sebastian Neef)”. That sounds a bit odd since it is referring to a security issue with another plugin, but looking at the development log we found two entries labeled “refactoring of wp_postratings_clear_fastest_cache” that explained what was at issue.

…

[Read more]

Plugin Vulnerabilities

A service to protect your site against vulnerabilities in WordPress plugins.

Tag Archives: Arbitrary Directory Deletion

Vulnerability Details: Arbitrary File Upload in Insert or Embed Articulate Content into WordPress

Vulnerability Details: Arbitrary Directory Deletion Vulnerability in WP Fastest Cache