Filter Grids
Monthly
YMC Filter & Grids through version 3.5.1 contains an authorization bypass that allows unauthenticated remote attackers to modify data due to improperly configured access controls. The vulnerability affects the smart-filter component and could enable unauthorized alterations to filtered content or grid configurations without requiring user interaction or privileges.
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
YMC Filter & Grids through version 3.5.1 contains an authorization bypass that allows unauthenticated remote attackers to modify data due to improperly configured access controls. The vulnerability affects the smart-filter component and could enable unauthorized alterations to filtered content or grid configurations without requiring user interaction or privileges.
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.