September 4, 2024

Plugin: Front End Users Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodePatched Version: 3.2.29Recommended Action: Update to version 3.2.29, or a newer patched version Plugin: Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking Vulnerability: Cross-Site Request Forgery in Multiple FunctionsPatched Version: 2.11.21Recommended Action: Update to version 2.11.21, or […]

Plugin: AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress Vulnerability: Authenticated (Subscriber+) Arbitrary File Upload via acym_extractArchive FunctionPatched Version: 9.8.0Recommended Action: Update to version 9.8.0, or a newer patched version Plugin: Mollie Payments for WooCommerce Vulnerability: Unauthenticated Full Path DisclosurePatched Version: 7.8.0Recommended Action: Update to version 7.8.0, or a newer patched