Watch Out Wednesday – August 28, 2024
Plugin: AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress Vulnerability: Authenticated (Subscriber+) Arbitrary File Upload via acym_extractArchive FunctionPatched Version: 9.8.0Recommended Action: Update to version 9.8.0, or a newer patched version Plugin: User Private Files – WordPress File Sharing Plugin Vulnerability: Insecure Direct Object Reference to Authenticated (Subscriber+) Private File AccessPatched Version: […]