PropertyHive <= 1.4.25 – Unvalidated Input to do_action()

Affects Plugins

propertyhive

Fixed in 1.4.26

References

URL

https://wp-property-hive.com/

URL

https://github.com/propertyhive/WP-Property-Hive/commit/351451716dcbc6d57b332b9fd3f68b211babf676

URL

https://github.com/propertyhive/WP-Property-Hive/commit/d0c8bb880bd33252e4973580260f73f9ac671af5

Miscellaneous

Submitter

Javier Casares

Submitter website

https://www.javiercasares.com/

Submitter twitter

JavierCasares

Verified

No

WPVDB ID

c979c080-d5c3-471b-97f9-586f6b576717

Timeline

Publicly Published

2018-12-03 (about 7 years ago)

Added

2018-12-06 (about 7 years ago)

Last Updated

2019-11-01 (about 6 years ago)

Other

Published

Title

Published

2014-08-01

Title

WP Online Store 1.3.1 - index.php Multiple Parameter Traversal Arbitrary File Access

Published

2014-08-01

Title

WordPress <= 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution

Published

2023-10-11

Title

Form Maker < 1.15.21 - Captcha Bypass

Published

2014-09-17

Title

FormCraft <= 2.0.5 - Arbitrary File Deletion

Published

2023-05-27

Title

WP EasyCart < 5.4.9 - Product Deletion via CSRF