CVE-2016-11003
The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation.
Source: CVE-2016-11003
[월:] 2019년 09월
CVE-2016-11011
CVE-2016-11011
The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation.
Source: CVE-2016-11011
CVE-2016-11009
CVE-2016-11009
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.
Source: CVE-2016-11009
CVE-2016-11012
CVE-2016-11012
The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS.
Source: CVE-2016-11012
CVE-2016-11007
CVE-2016-11007
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.
Source: CVE-2016-11007
CVE-2016-11008
CVE-2016-11008
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.
Source: CVE-2016-11008
CVE-2016-11005
CVE-2016-11005
The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS.
Source: CVE-2016-11005
CVE-2016-11006
CVE-2016-11006
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.
Source: CVE-2016-11006
CVE-2016-11010
CVE-2016-11010
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.
Source: CVE-2016-11010
CVE-2016-11004
CVE-2016-11004
The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation.
Source: CVE-2016-11004