The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin before 1.0.9, real-estate-pro WordPress plugin before 1.7.1, institutions-directory WordPress plugin before 1.3.1, lawyer-directory WordPress plugin before 1.2.9, doctor-listing WordPress plugin before 1.3.6, Hotel Listing WordPress plugin before 1.3.7, fitness-trainer WordPress plugin before 1.4.1, wp-membership WordPress plugin before 1.5.7, sold by the same developer (e-plugins), do not implementing any security measures in some AJAX calls. For example in the file plugin.php, the function iv_directories_update_profile_setting() uses update_user_meta with any data provided by the ajax call, which can be used to give the logged in user admin capabilities. Since the plugins allow user registration via a custom form (even if the blog does not allow users to register) it makes any site using it vulnerable.
More Stories
dotnet8.0-8.0.105-1.fc40
FEDORA-2024-56fb9c0762 Packages in this update: dotnet8.0-8.0.105-1.fc40 Update description: This is the May 2024 release for .NET 8. This is a...
webkitgtk-2.44.2-1.fc40
FEDORA-2024-1f37da80ec Packages in this update: webkitgtk-2.44.2-1.fc40 Update description: Make gamepads visible on axis movements, and not only on button presses....
webkitgtk-2.44.2-1.fc39
FEDORA-2024-3b912f1f3e Packages in this update: webkitgtk-2.44.2-1.fc39 Update description: Make gamepads visible on axis movements, and not only on button presses....
thunderbird-115.11.0-1.fc38
FEDORA-2024-22d4bc998d Packages in this update: thunderbird-115.11.0-1.fc38 Update description: Update to 115.11.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/ https://www.thunderbird.net/en-US/thunderbird/115.11.0/releasenotes/ Read More
chromium-125.0.6422.60-1.el8
FEDORA-EPEL-2024-1fb3cec2e0 Packages in this update: chromium-125.0.6422.60-1.el8 Update description: update to 125.0.6422.60 High CVE-2024-4947: Type Confusion in V8 High CVE-2024-4948: Use...
chromium-125.0.6422.60-1.el9
FEDORA-EPEL-2024-38d250bafc Packages in this update: chromium-125.0.6422.60-1.el9 Update description: update to 125.0.6422.60 High CVE-2024-4947: Type Confusion in V8 High CVE-2024-4948: Use...