A set of high-severity vulnerabilities in WordPress

A set of high-severity vulnerabilities has been identified in WordPress, covering the following plugins: Otter Blocks before version 2.6.6, Support Genix up to version 1.2.3, EnvialoSimple EnvíaloSimple up to version 2.2, ThimPress LearnPress up to version 4.0.3, Mat Bao Corp WP Helper Premium before version 4.6.0, Deepak anand WP Dummy Content Generator up to version 3.2.1, ThemeKraft WooBuddy up to version 3.4.20, Photo Gallery Team Photo Gallery by 10Web up to version 1.8.21, extendWP Import Content in WordPress and WooCommerce up to version 4.2, Zachary Segal CataBlog up to version 1.7.0, Smartypants SP Project & Document Manager up to version 4.71, looks_awesome Superfly Menu up to version 5.0.25, Averta Master Slider up to version 3.9.5, OnTheGoSystems WooCommerce Multilingual & Multicurrency up to version 5.3.3.1, Designinvento DirectoryPress up to version 3.6.7, Melapress WP 2FA up to version 2.6.2, Archetyped Cornerstone up to version 0.8.0, Ashish Ajani WP Simple HTML Sitemap up to version 2.8, 10Web Slider by 10Web up to version 1.2.54, Bowo Debug Log Manager up to version 2.3.1, impleCode eCommerce Product Catalog up to version 3.3.32, hwk-fr WP 404 Auto Redirect to Similar Post up to version 1.0.4, VIICTORY MEDIA LLC Z Y N I T H up to version 7.4.9, VikBooking Hotel Booking Engine & PMS up to version 1.6.7, Poll Maker – Best WordPress Poll in all versions up to, and including, 5.1.8, and Genesis Blocks before version 3.1.3. Because of deserialization of untrusted data and missing authorization, these vulnerabilities allow an attacker to carry out code injection, path traversal, SQL injection and XSS.

Vulnerability ID | Vulnerability severity | Solution link | Description
Vendor | NVD
CVE-2023-49742   Unknown https://patchstack.com/database/vulnerability/support-genix-lite/wordpress-support-genix-plugin-1-2-3-broken-access-control-lead-to-arbitrary-file-upload-vulnerability?_s_id=cve 9.9
CVE-2024-2729   Unknown https://wpscan.com/vulnerability/5014f886-020e-49d1-96a5-2159eed8ba14/
CVE-2024-32587   Unknown https://patchstack.com/database/vulnerability/envialosimple-email-marketing-y-newsletters-gratis/wordpress-envialosimple-plugin-2-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32588   Unknown https://patchstack.com/database/vulnerability/learnpress-import-export/wordpress-learnpress-export-import-plugin-4-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32595   Unknown https://patchstack.com/database/vulnerability/wp-helper-lite/wordpress-wp-helper-premium-plugin-4-6-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32599   Unknown https://patchstack.com/database/vulnerability/wp-dummy-content-generator/wordpress-wp-dummy-content-generator-plugin-3-2-1-arbitrary-code-execution-vulnerability?_s_id=cve 10.0
CVE-2024-32603   Unknown https://patchstack.com/database/vulnerability/wc4bp/wordpress-woobuddy-plugin-3-4-20-php-object-injection-vulnerability?_s_id=cve 8.5
CVE-2024-32583   Unknown https://patchstack.com/database/vulnerability/photo-gallery/wordpress-photo-gallery-by-10web-plugin-1-8-21-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32585   Unknown https://patchstack.com/database/vulnerability/content-excel-importer/wordpress-import-content-in-wordpress-woocommerce-with-excel-plugin-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2023-47843   Unknown https://patchstack.com/database/vulnerability/catablog/wordpress-catablog-plugin-1-7-0-arbitrary-file-deletion-vulnerability?_s_id=cve 7.6
CVE-2024-32551   Unknown https://patchstack.com/database/vulnerability/sp-client-document-manager/wordpress-sp-project-document-manage-plugin-4-71-sql-injection-vulnerability?_s_id=cve 7.6
CVE-2024-32553   Unknown https://patchstack.com/database/vulnerability/superfly-menu/wordpress-superfly-menu-plugin-5-0-25-subscriber-site-wide-stored-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32600   Unknown https://patchstack.com/database/vulnerability/master-slider/wordpress-master-slider-plugin-3-9-5-php-object-injection-vulnerability?_s_id=cve 8.3
CVE-2024-32602   Unknown https://patchstack.com/database/vulnerability/woocommerce-multilingual/wordpress-woocommerce-multilingual-multicurrency-plugin-5-3-3-1-sql-injection-vulnerability?_s_id=cve 7.6
CVE-2024-32563   Unknown https://patchstack.com/database/vulnerability/vikbooking/wordpress-vikbooking-hotel-booking-engine-pms-plugin-1-6-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32567   Unknown https://patchstack.com/database/vulnerability/directorypress/wordpress-directorypress-plugin-3-6-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32568   Unknown https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp-2fa-plugin-2-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32570   Unknown https://patchstack.com/database/vulnerability/cornerstone/wordpress-cornerstone-plugin-0-8-0-reflected-cross-site-scripting-xss-vulnerability-2?_s_id=cve 7.1
CVE-2024-32574   Unknown https://patchstack.com/database/vulnerability/wp-simple-html-sitemap/wordpress-wp-simple-html-sitemap-plugin-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32578   Unknown https://patchstack.com/database/vulnerability/slider-wd/wordpress-sliderby10web-plugin-1-2-54-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32582   Unknown https://patchstack.com/database/vulnerability/debug-log-manager/wordpress-debug-log-manager-plugin-2-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32558   Unknown https://patchstack.com/database/vulnerability/ecommerce-product-catalog/wordpress-ecommerce-product-catalog-plugin-3-3-32-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32559   Unknown https://patchstack.com/database/vulnerability/wp-404-auto-redirect-to-similar-post/wordpress-wp-404-auto-redirect-to-similar-post-plugin-1-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve 7.1
CVE-2024-32562   Unknown https://patchstack.com/database/vulnerability/zynith-seo/wordpress-z-y-n-i-t-h-plugin-7-4-9-unauthenticated-cross-site-scripting-xss-vulnerability?_s_id=cve 8.6
CVE-2024-3600   Unknown https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3071296%40poll-maker&new=3071296%40poll-maker&sfp_email=&sfph_mail= 7.2
CVE-2024-2761   Unknown https://wpscan.com/vulnerability/e092ccdc-7ea1-4937-97b7-4cdbff5e74e5/

 

 

administrator
