GA-Tech AI Chat

Site vulnerabilities found

von

sodexo
in

Plesk

/* Stop WebKit from changing text sizes */
body,
table,
td,
a {
-webkit-text-size-adjust: 100%;
-ms-text-size-adjust: 100%;
}
body {
height: 100% !important;
margin: 0 !important;
padding: 0 !important;
width: 100% !important;
}

/* Removes spacing between tables in Outlook 2007+ */
table,
td {
mso-table-lspace: 0pt;
mso-table-rspace: 0pt;
}
img {
border: 0;
line-height: 100%;
text-decoration: none;
-ms-interpolation-mode: bicubic;
/* Smoother rendering in IE */
}
table {
border-collapse: collapse !important;
}

/* iOS Blue Links */
a[x-apple-data-detectors] {
color: inherit !important;
text-decoration: none !important;
font-size: inherit !important;
font-family: inherit !important;
font-weight: inherit !important;
line-height: inherit !important;
}

/* Table fix for Outlook */
table {
border-collapse: separate;
}
.ExternalClass p,
.ExternalClass span,
.ExternalClass font,
.ExternalClass td {
line-height: 100%;
}
.ExternalClass {
width: 100%;
}

/* Mobile Styling */
@media screen and (max-width: 525px) {
.wrapper {
width: 100% !important;
max-width: 100% !important;
}
.hide-element {
display: none !important;
}
.no-padding {
padding: 0 !important;
}
.img-max {
max-width: 100% !important;
width: 100% !important;
height: auto !important;
}
.table-max {
width: 100% !important;
}
.mobile-btn-container {
margin: 0 auto;
width: 100% !important;
}
.mobile-btn {
padding: 15px !important;
border: 0 !important;
font-size: 16px !important;
display: block !important;
}
}

/* iPads (landscape) Styling */
@media handheld,
all and (device-width: 768px) and (device-height: 1024px) and =
(orientation : landscape) {
.wrapper-ipad {
max-width: 278px !important;
}
.table-max-ipad {
max-width: 465px !important;
}
}

/* iPads (portrait) Styling */
@media handheld,
all and (device-width: 768px) and (device-height: 1024px) and =
(orientation : portrait) {
.wrapper-ipad {
max-width: 278px !important;
}
.table-max-ipad {
max-width: 465px !important;
}
}

 

 

WP Toolkit has detected new vulnerabilities on =
WordPress sites under your care. It is strongly recommended to update or =
disable vulnerable assets on these sites. You can also configure WP =
Toolkit to perform automatic actions when vulnerabilities are detected. =

The following vulnerabilities need your attention because they =
have to be addressed manually:

 
Site: derschuster.hamburg
Open in panel
 

 

Critical

WordPress Slider Revolution plugin < 6.7.0 – Unauthenticated =
Broken Access Control vulnerability

Unauthenticated Broken Access Control =
vulnerability discovered by Rafie Muhammad (Patchstack) in WordPress =
Plugin Slider Revolution (versions < 6.7.0)

=20
Source: Patchstack, Wordfence

 

 
Site: derschuster.hamburg
Open in panel
 

 

Medium

Slider Revolution < 6.6.19 – Authenticated (Author+) PHP =
Object Injection

The Slider Revolution plugin for WordPress is =
vulnerable to PHP Object Injection in all versions up to 6.6.19 =
(exclusive) via deserialization of untrusted input when importing a new =
slider. This makes it possible for authenticated attackers, with =
author-level access and above, to inject a PHP Object. No known POP =
chain is present in the vulnerable plugin. If a POP chain is present via =
an additional plugin or theme installed on the target system, it could =
allow the attacker to delete arbitrary files, retrieve sensitive data, =
or execute code.
This record contains material that is =
subject to copyright.

Source: Wordfence

 

 
Site: derschuster.hamburg
Open in panel
 

 

Medium

WordPress Lightbox Gallery plugin < 0.9.5 – Authenticated =
(Contributor+) Stored Cross-Site Scripting via Shortcode =
vulnerability

Authenticated (Contributor+) Stored Cross-Site =
Scripting via Shortcode vulnerability discovered by Lana Codes in =
WordPress Plugin Lightbox Photo Gallery (versions < 0.9.5)

=20
Source: Patchstack, Wordfence

 

 
Site: derschuster.hamburg
Open in panel
 

 

Medium

WordPress Lightbox Photo Gallery plugin < 0.9.5 – Contributor+ =
Stored XSS via Shortcode vulnerability

Contributor+ Stored XSS via Shortcode =
vulnerability discovered by an unknown individual in WordPress Plugin =
Lightbox Photo Gallery (versions <=3D 0.9.4)

=20
Source: Patchstack

 

 
Site: derschuster.hamburg
Open in panel
 

 

Medium

WordPress Slide Anything plugin <=3D 2.4.9 – iFrame Injection =
to Cross-Site Scripting (XSS) vulnerability

iFrame Injection to Cross-Site Scripting (XSS) =
vulnerability discovered by FearZzZz in WordPress Plugin Slide Anything =
(versions <=3D 2.4.9)

=20
Source: Patchstack, Wordfence

 

More vulnerabilities were =
found, please go to WP Toolkit for the full list.

Automatic =
actions can be defined on the site autoupdate policy screen. =

 

 

 

 

 

WebPros International GmbH

   
Vordergasse 59
   
Schaffhausen, CH 8200
   
Switzerland

 

Kommentare

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert