Vulnerabilities for 'Bonkozoo zoo'
2020-03-10
CVE-2020-10257
CWE-94
The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter.
Vendor: Themerex
63 Products
Addons
Ozeum-museum
Chit club-board games
Yottis-simple portfolio
Helion-agency &portfolio
Amuli
Nelson-barbershop + tattoo salon
Hallelujah-church
Right way
Prider-pride fest
Mystik-esoterics
Skydiving and flying company
Dronex-aerial photography services
Samadhi-buddhist
Tantum-rent a car, rent a bike, rent a scooter multiskin theme
Scientia-public library
Blabber
Impacto patronus multi-landing
Rare radio
Piqes-creative startup & agency wordpress theme
Kratz-digital agency
Pixefy
Netmix-broadband & telecom
Kids care
Briny-diving wordpress theme
Tornados
Gridiron
Yungen-digital/marketing agency
Fc united-football
Bugster-pests control
Rumble-single fighter boxer, news, gym, store
Tacticool-shooting range wordpress theme
Coinpress-cryptocurrency magazine & blog wordpress theme
Vihara-ashram, buddhist
Katelyn-gutenberg wordpress blog theme
Heaven 11-multiskin property theme
Especio-food gutenberg theme
Partiso electioncampaign
Kargo-freight transport
Maxify-startup blog
Lingvico-language learning school
Aldo-gutenberg wordpress blog theme
Vixus-startup / mobile application
Wellspring water filter systems
Nazareth-church
Tediss-soft play area, cafe & child care center
Yolox-startup magazine & blog wordpress theme
Meals and wheels-food truck
Rosalinda-vegetarian & health coach
Vapester
Modern housewife-housewife and family blog
Chainpress
Justitia-multiskin lawyer theme
Hobo digital nomad blog
Rhodos-creative corporate wordpress theme
Buzz stone-magazine & blog
Corredo sport event
Savejulia personal fundraising campaign
Bonkozoo zoo
Renewal-plastic surgeon clinic
Gloss blog
Plumbing-repair, building & construction wordpress theme
Topper theme and skins
Copyright 2024, cxsecurity.com