A vulnerability has been found in Access Demo Importer Plugin up to 1.0.6 on WordPress (WordPress Plugin) and classified as critical. This vulnerability affects the function plugin_offline_installer of the file ~/inc/demo-functions.php of the component AJAX Action Handler. Upgrading to version 1.0.7 eliminates this vulnerability.
Access Demo Importer Plugin up to 1.0.6 on WordPress AJAX Action ~/inc/demo-functions.php plugin_offline_installer improper authorization
- Virtual Patching
- October 12, 2021
- 9:05 am
- Virtual Patching
- October 12, 2021
- 9:05 am
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2024-49592 : MCAFEE TRIAL INSTALLER 16.0.53 ACCESS CONTROL
Description McAfee Trial Installer 16.0.53 has Incorrect Access Control that leads to Local Escalation of Privileges. References https://www.mcafee.com/support/s/article/000002516?language=en_US For More
CVE-2024-10934 : OPENBSD UP TO 7.4 ERRATA 020/7.5 ERRATA 007 NFS CLIENT/NFS SERVER DOUBLE FREE
Description In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS
CVE-2024-40638 : GLPI UP TO 10.0.16 SQL INJECTION
Description GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities.