Remote code execution in Tenda F453 firmware (v1.0.0.3) via a buffer overflow in the SafeMacFilter function allows authenticated attackers to execute arbitrary code with full system privileges. The vulnerability stems from insufficient input validation on the page parameter in the /goform/SafeMacFilter endpoint and can be exploited remotely over the network. Public exploit code exists and no patch is currently available.
Unauthenticated SQL injection in wpForo 2.4.14 allows remote attackers to extract sensitive data from WordPress databases through the wpfob parameter via blind boolean-based attacks. The vulnerability exploits inadequate sanitization of ORDER BY clause identifiers, enabling credential theft without authentication. No patch is currently available for affected installations.
The Tutor LMS - eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]
Timepictra versions up to 11.3 is affected by missing authentication for critical function (CVSS 7.5).
Unauthenticated attackers can inject malicious serialized PHP objects into the WP Mail Logging plugin (versions up to 1.15.0) through email forms, exploiting unsafe deserialization in the BaseModel class. When administrators view the logged emails, the injected payload deserializes into arbitrary PHP objects, potentially enabling code execution if leveraged with gadget chains from other installed plugins or themes. No patch is currently available.