Showing 1 - 7 of 7

Files from Marco Wotschka

First Active	2022-08-05
Last Active	2023-10-26

WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion: Posted Oct 26, 2023; Authored by Marco Wotschka | Site wordfence.com; WordPress AI ChatBot plugin versions 4.8.9 and below suffer from arbitrary file deletion, remote SQL injection, and directory traversal vulnerabilities.; tags | exploit, remote, arbitrary, vulnerability, sql injection, file inclusion; advisories | CVE-2023-5204, CVE-2023-5212, CVE-2023-5241; SHA-256 | 3c8bd183a8149e978aa13cbebd94a03b1f13fab6fc7a36a3dae48595fdb56856; Download | Favorite | View

WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection: Posted Sep 19, 2023; Authored by Marco Wotschka | Site wordfence.com; WordPress Essential Blocks plugin versions 4.2.0 and below and Essential Blocks Pro versions 1.1.0 and below suffer from multiple PHP object injection vulnerabilities.; tags | exploit, php, vulnerability; advisories | CVE-2023-4386, CVE-2023-4402; SHA-256 | 3bc456da9e240b7476040544d3e4f0b5fa6f68d4e3ad65a015be529481ab73ad; Download | Favorite | View

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting: Posted Apr 12, 2023; Authored by Marco Wotschka | Site wordfence.com; WordPress Limit Login Attempts plugin versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2023-1912; SHA-256 | 1532b19d05d684bd2a3c4b372dc5d6e1ef62176213e1f28f5a724a28d3ee4637; Download | Favorite | View

WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS: Posted Mar 23, 2023; Authored by Marco Wotschka | Site wordfence.com; WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2023-0942, CVE-2023-0968, CVE-2023-1080; SHA-256 | aaa6840492b9bd30ed66ef5caa947815162272a3785e8dc84ec1435f67a96153; Download | Favorite | View

WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization: Posted Feb 2, 2023; Authored by Marco Wotschka, Ivan Kuzymchak | Site wordfence.com; On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference, cross site request forgery as well as cross site scripting in versions up to, and including, 2.0.2.; tags | advisory, vulnerability, code execution, xss, file inclusion, csrf; advisories | CVE-2023-0550, CVE-2023-0554, CVE-2023-0555; SHA-256 | e3ba7e7e5a2df6cde42d9ee75f8bec79e5251c694adb11dfae0969e813acffdb; Download | Favorite | View

WordPress Blog2Social 6.9.11 Missing Authorization: Posted Nov 9, 2022; Authored by Marco Wotschka | Site wordfence.com; WordPress Blog2Social versions 6.9.11 and below suffer from a missing authorization vulnerability.; tags | exploit, bypass; advisories | CVE-2022-3622; SHA-256 | e4e4ef726eb4dfee57096334068cfb2be2046a925d766a2bf97f2cb25de827ab; Download | Favorite | View

WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request Forgery: Posted Aug 5, 2022; Authored by Marco Wotschka | Site wordfence.com; WordPress Ecwid Ecommerce Shopping Cart plugin versions 6.10.23 and below suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2022-2432; SHA-256 | 4d8603e0293338606a482d16c657252dae8f29113703208bc7aafca598be3ca6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days