Vulnerabilities
Duplicator 0.5.8 Privilege Escalation
Package functions are accessible to every registered users because admin privileges are not checked properly.
18-02-2015
1 MIN READ
Vulnerabilities
Package functions are accessible to every registered users because admin privileges are not checked properly.
1 MIN READ
Vulnerabilities
wp_ajax_save_item() is accessible for every registered user (admin privileges are not checked).
1 MIN READ
Vulnerabilities
There is few places where `Database
2 MIN READ
Vulnerabilities
Every registered user can access UploadHandler.php.
2 MIN READ
Vulnerabilities
Anyone can import CSV file. Pie Register will import users from this file.
1 MIN READ
Vulnerabilities
It's possible to inject specially crafted reflected XSS even if strip_tags and addslashes is used.
1 MIN READ
Vulnerabilities
Any registered user can upload any file.
1 MIN READ
Vulnerabilities
$_GET['mp3'] is not escaped.
1 MIN READ