>> AUTHOR: deepcore

WordPress Plugin Elementor 3.6.2 – Remote Code Execution (RCE) (Authenticated)

7-zip – Code Execution / Local Privilege Escalation

Fuel CMS 1.5.0 – Cross-Site Request Forgery (CSRF)

WordPress Plugin Videos sync PDF 1.7.4 – Stored Cross Site Scripting (XSS)

ManageEngine ADSelfService Plus 6.1 – User Enumeration

PTPublisher v2.3.4 – Unquoted Service Path

Microsoft Exchange Active Directory Topology 15.0.847.40 – ‘Service MSExchangeADTopology’ Unquoted Service Path

EaseUS Data Recovery – ‘ensserver.exe’ Unquoted Service Path

Microsoft Exchange Mailbox Assistants 15.0.847.40 – ‘Service MSExchangeMailboxAssistants’ Unquoted Service Path

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 – SQL Injection