The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 126.96.36.199) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. References snapcreek.com/duplicator/docs/changelog/?lite www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/
Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.
An issue was discovered in the Responsive Poll through 1.3.4 for WordPress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of Read more
The Media Library Assistant plugin before 2.82 for WordPress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. References wordpress.org/plugins/media-library-assistant/#developers
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). References openvpn.net/security-advisories/