...
Order today
Unauthenticated WP JUN 2024

Unauthenticated WP JUN 2024 – 39 Security Abuse

Sponsored by:

Discover Xolo Leap: All the essential features and services modern solopreneurs need to run a borderless business. Run an EU business from anywhere on the planet!

Be informed about the latest Unauthenticated WP JUN 2024 - WP Security Circumvention, identified and reported publicly. It is a -39% DECREASE compared to previous month, as specifically going around existing security. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.

Contact your online project manager

Order managed services

Fast forward 2-3 years: your business is on autopilot, yet you are in control. Your 3rd party integrations still work, your partners and your customers are happy.

There hasn’t been a crisis or “online emergency” in ages, and all your reports are OK and green. Whimsical? The future is already here. Step into your future today.
ORDER NOW
+40.720.14.62.87
csaba@ultrai.ae

Unauthenticated WP JUN 2024

As these unrestricted access cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the Unauthenticated WP JUN 2024 category:

Atarim Unauthenticated Cross-Site Scripting (XSS)
Back In Stock Notifier for WooCommerce Unauthenticated Arbitrary Shortcode Execution (BAC)
Booster for WooCommerce Unauthenticated Arbitrary Shortcode Execution (BAC)
Business Directory Plugin Unauthenticated SQL Injection (SQLi) via listingfields Parameter
Contact Form by WPForms Unauthenticated Price Manipulation (BAC)
Copymatic – AI Content Writer & Generator Unauthenticated Arbitrary File Upload (BAC)
Cost Calculator Builder Pro Unauthenticated Cross-Site Scripting (XSS) via SVG Upload (BAC)
Country State City Dropdown CF7 Unauthenticated SQL Injection (SQLi)
Email Log Unauthenticated Hook Injection
Flash & HTML5 Video Unauthenticated SQL Injection (SQLi)
Gravity Forms Unique ID Unauthenticated Form Submission Unique ID Modification
Hash Form – Drag & Drop Form Builder Unauthenticated Arbitrary File Upload (BAC) to Remote Code Execution (RCE)
Hash Form – Drag & Drop Form Builder Unauthenticated PHP Object Injection
Hotel Booking Lite Unauthenticated PHP Object Injection
Last Viewed Posts by WPBeginner Unauthenticated PHP Object Injection
LearnPress Unauthenticated Bypass (BAC) to User Registration
LearnPress Unauthenticated Time-Based SQL Injection (SQLi)
NextScripts Unauthenticated Cross-Site Scripting (XSS) via User Agent
Orders Tracking for WooCommerce Unauthenticated Arbitrary Shortcode Execution (BAC)
Penci Soledad Data Migrator Unauthenticated Local File Inclusion (LFi)
Popup4Phone Unauthenticated Cross-Site Scripting (XSS)
Porto Theme Unauthenticated Local File Inclusion (LFi) via porto_ajax_posts
Simple Basic Contact Form Unauthenticated Arbitrary Shortcode Execution (BAC)
Slider Revolution Unauthenticated Broken Access Control (BAC)
SSL Zen – Free SSL Certificate & HTTPS Redirect for WordPress Unauthenticated Private Keys Access
Startklar Elementor Addons Unauthenticated Arbitrary File Deletion
Startklar Elementor Addons Unauthenticated Arbitrary File Upload (BAC)
Stockholm Theme Unauthenticated Local File Inclusion (LFi)
Swift Framework Missing Authorization (BAC) to Unauthenticated Arbitrary Content Update
Userpro Unauthenticated Account Takeover
Web Directory Free Unauthenticated SQL Injection (SQLi)
WPCafe Unauthenticated Server-Side Request Forgery (SSRF)
wpDataTables Unauthenticated Cross-Site Scripting (XSS) via CSV Import
WP Photo Album Plus Unauthenticated Arbitrary Shortcode Execution (BAC)
WP Photo Album Plus Unauthenticated Arbitrary File Upload (BAC)
WPZOOM Addons for Elementor (Templates, Widgets) Unauthenticated Local File Inclusion (LFi)
XML Sitemap & Google News Unauthenticated Local File Inclusion (LFi)
YITH WooCommerce Ajax Search Unauthenticated Cross-Site Scripting (XSS)
YITH WooCommerce Gift Cards Multiple BAC - Missing Authorization to Unauthenticated WooCommerce Settings Update
Unauthenticated WordPress reported in 2023: 235
Unauthenticated WordPress reported in 2024: 232
Contact immediately

Get managed security

Fast forward 2-3 years: your business is on autopilot, yet you are in control. Your website is humming along, leads & customers are rolling in.

There hasn’t been a crisis or “website emergency” in ages, and all your charts are pointing up and to the right. Whimsical? The future is already here. Step into your future today.
ORDER NOW
+40.720.14.62.87
csaba@ultrai.ae


Table Of Contents

A cup of coffee makes a difference ...

How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of one cup of coffee for a managed service.
Start simply by contacting us with your selections:

LAUNCH:
Your own WEBSITE Your own E-SHOP with AI-Powered Automation Your own social COMMUNITY Your own PRO EXPERTISE
GROW:
with AI-Powered Automation Grow your WordPress Grow your WooCommerce Grow your Shopify
TOP MANAGED SERVICES:
managed SECURITY managed PAGESPEED managed CRM managed Newsletter
ABOUT US:
About ultrai Privacy Policy Terms & Conditions
ultrai.ae managed online © 2023 - 2024 – All rights reserved
We’re on an empowering mission for customers, who desire not to be transformed forcefully into IT experts.
ultrai.ae

Sign up for our newsletter

We send just one email a month with technical updates.
Topics include: XSS, CSRF, SSRF, SQLi, BAC.

We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.