exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2022-4707

Status Candidate

Overview

The Royal Elementor Addons plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.59. This is due to missing nonce validation in the 'wpr_create_mega_menu_template' AJAX function. This allows unauthenticated attackers to create Mega Menu templates, granted they can trick an administrator into performing an action, such as clicking a link.

Related Files

Smart Office Web 20.28 Information Disclosure / Insecure Direct Object Reference
Posted Jun 23, 2023
Authored by Tejas Nitin Pingulkar

Smart Office Web version 20.28 suffers from information disclosure due to an insecure direct object reference vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2022-47075, CVE-2022-47076
SHA-256 | 0e404965ef5239207c525c44d321cb98b5082332677616c1825d478aca12e3c8
Download | Favorite | View
WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls
Posted Jan 11, 2023
Authored by Ramuel Gall | Site wordfence.com

WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross site request forgery, insufficient access control, cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2022-4700, CVE-2022-4701, CVE-2022-4702, CVE-2022-4703, CVE-2022-4704, CVE-2022-4705, CVE-2022-4707, CVE-2022-4708, CVE-2022-4709, CVE-2022-4710, CVE-2022-4711
SHA-256 | 5d3c94aa12c0662cecfc95164895acace4553b37a6d627727e5abb15210b1aba
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    211 Files
  • 2
    Sep 2nd
    0 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    0 Files
  • 6
    Sep 6th
    0 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close