Authenticated Database Reset vulnerability in WordPress WP Reset PRO Premium plugin (versions <= 5.98) allows any authenticated user to wipe the entire database regardless of their authorization. It leads to a complete website reset and takeover.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HWebfactoryltd Wp Reset Pro
APPWebfactoryltd≤ 5.98
Related vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in WebFactory Ltd. WP Reset PRO plugin <= 5.98 versions.
The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to ...
The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or ...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFacto...
Unvaludated input in the 301 Redirects - Easy Redirect Manager WordPress plugin, versions before 2.51, did not...