CVE-2020-28650: WordPress plugin vulnerability

November 26, 2020 0

The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles. How to mitigate CVE-2020-28650 Time needed: 5 minutes. Follow Read more

CVE-2020-28649: WordPress plugin vulnerability

November 26, 2020 0

The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. How to mitigate CVE-2020-28649 Time needed: 5 minutes. Follow the instructions, as they will assist you in mitigating the WordPress vulnerability that been reported in Read more

CVE-2020-24063: WordPress plugin vulnerability

November 26, 2020 0

The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. How to mitigate CVE-2020-24063 Time needed: 5 minutes. Follow the instructions, as they will assist you in mitigating the WordPress vulnerability that been reported in CVE-2020-24063. Install Read more

1 2 3 8