3uu -- shariff_wrapper
|
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-21 |
6.4 |
CVE-2023-6500
security@wordfence.com
security@wordfence.com |
3uu -- shariff_wrapper
|
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes like 'info_text'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page and clicks the information icon. |
2024-03-21 |
6.4 |
CVE-2024-0966
security@wordfence.com
security@wordfence.com
security@wordfence.com |
3uu -- shariff_wrapper
|
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'align'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-21 |
6.4 |
CVE-2024-1450
security@wordfence.com
security@wordfence.com
security@wordfence.com |
N/A -- N/A
|
Directory Traversal vulnerability in Speedy11CZ MCRPX v.1.4.0 and before allows a local attacker to execute arbitrary code via a crafted file. |
2024-03-19 |
5.5 |
CVE-2024-24043
cve@mitre.org
cve@mitre.org
cve@mitre.org |
N/A -- N/A
|
The SolarEdge mySolarEdge application before 2.20.1 for Android has a certificate verification issue that allows a Machine-in-the-middle (MitM) attacker to read and alter all network traffic between the application and the server. |
2024-03-21 |
5.9 |
CVE-2024-28756
cve@mitre.org
cve@mitre.org |
aam -- advanced_access_manager
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager allows Stored XSS.This issue affects Advanced Access Manager: from n/a through 6.9.20. |
2024-03-19 |
5.9 |
CVE-2024-29124
audit@patchstack.com |
aankit -- easy_maintenance_mode
|
The Easy Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2 via the REST API. This makes it possible for authenticated attackers to obtain post and page content via REST API thus bypassign the protection provided by the plugin. |
2024-03-20 |
5.3 |
CVE-2024-1477
security@wordfence.com
security@wordfence.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-20760
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-20768
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26028
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26030
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26031
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. Exploitation of this issue requires user interaction. |
2024-03-18 |
5.4 |
CVE-2024-26032
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26033
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26034
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26035
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26038
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26040
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26041
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26042
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26043
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26044
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26045
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26052
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26056
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26059
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26061
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26062
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exploitation of this issue does not require user interaction. |
2024-03-18 |
5.3 |
CVE-2024-26063
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. Exploitation of this issue requires user interaction. |
2024-03-18 |
5.4 |
CVE-2024-26064
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26065
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26067
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26069
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26073
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. |
2024-03-18 |
5.4 |
CVE-2024-26080
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26094
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26096
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26101
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26102
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26103
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26104
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26105
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26106
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26107
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
2024-03-18 |
5.4 |
CVE-2024-26118
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
2024-03-18 |
5.3 |
CVE-2024-26119
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26120
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26124
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
5.4 |
CVE-2024-26125
psirt@adobe.com |
adobe -- adobe_experience_manager
|
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. |
2024-03-18 |
4.8 |
CVE-2024-26050
psirt@adobe.com |
adobe -- animate
|
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2024-03-18 |
5.5 |
CVE-2024-20762
psirt@adobe.com |
adobe -- animate
|
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2024-03-18 |
5.5 |
CVE-2024-20763
psirt@adobe.com |
adobe -- animate
|
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2024-03-18 |
5.5 |
CVE-2024-20764
psirt@adobe.com |
adobe -- bridge
|
Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2024-03-18 |
5.5 |
CVE-2024-20757
psirt@adobe.com |
advantech -- webaccess/scada
|
There is an SQL injection vulnerability in Advantech WebAccess/SCADA software that allows an authenticated attacker to remotely inject SQL code in the database. Successful exploitation of this vulnerability could allow an attacker to read or modify data on the remote database. |
2024-03-21 |
6.4 |
CVE-2024-2453
ics-cert@hq.dhs.gov |
anshuln90 -- animated_headline
|
The Animated Headline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animated-headline' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-2304
security@wordfence.com
security@wordfence.com |
axis_communications_ab -- axis_os
|
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. |
2024-03-19 |
6.5 |
CVE-2024-0054
product-security@axis.com |
axis_communications_ab -- axis_os
|
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. |
2024-03-19 |
6.5 |
CVE-2024-0055
product-security@axis.com |
bdtask -- wholesale_inventory_management_system
|
A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to session fixiation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-19 |
4.3 |
CVE-2024-2639
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
bdthemes -- element_pack_elementor_addons
|
Missing Authorization vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a through 5.4.11. |
2024-03-23 |
4.3 |
CVE-2024-24840
audit@patchstack.com |
benjamin_rojas -- wp_editor
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a through 1.2.7. |
2024-03-17 |
5.3 |
CVE-2024-25591
audit@patchstack.com |
bmc -- control-m
|
Improper authorization in the report management and creation module of BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application, even without proper permissions. The attacker must know the unique identifier of the report they want to manipulate. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201. |
2024-03-18 |
6.4 |
CVE-2024-1604
cvd@cert.pl
cvd@cert.pl
cvd@cert.pl |
bmc -- control-m
|
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's privileges. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201. |
2024-03-18 |
6.6 |
CVE-2024-1605
cvd@cert.pl
cvd@cert.pl
cvd@cert.pl |
bmc -- control-m
|
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled by an attacker. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.200. |
2024-03-18 |
4.6 |
CVE-2024-1606
cvd@cert.pl
cvd@cert.pl
cvd@cert.pl |
brefphp -- bref
|
Bref is an open-source project that helps users go serverless on Amazon Web Services with PHP. When Bref prior to version 2.1.17 is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each part is parsed. In the parsing process, the `Content-Type` header of each part is read using the `Riverline/multipart-parser` library. The library, in the `StreamedPart::parseHeaderContent` function, performs slow multi-byte string operations on the header value. Precisely, the `mb_convert_encoding` function is used with the first (`$string`) and third (`$from_encoding`) parameters read from the header value. An attacker could send specifically crafted requests which would force the server into performing long operations with a consequent long billed duration. The attack has the following requirements and limitations: The Lambda should use the Event-Driven Function runtime and the `RequestHandlerInterface` handler and should implement at least an endpoint accepting POST requests; the attacker can send requests up to 6MB long (this is enough to cause a billed duration between 400ms and 500ms with the default 1024MB RAM Lambda image of Bref); and if the Lambda uses a PHP runtime <= php-82, the impact is higher as the billed duration in the default 1024MB RAM Lambda image of Bref could be brought to more than 900ms for each request. Notice that the vulnerability applies only to headers read from the request body as the request header has a limitation which allows a total maximum size of ~10KB. Version 2.1.17 contains a fix for this issue. |
2024-03-22 |
5.3 |
CVE-2024-29186
security-advisories@github.com
security-advisories@github.com |
calameo -- wp_calameo
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7. |
2024-03-19 |
6.5 |
CVE-2024-29098
audit@patchstack.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability has been found in Campcodes Complete Online Beauty Parlor Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257602 is the identifier assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2766
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257603. |
2024-03-21 |
6.3 |
CVE-2024-2767
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit-services.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257604. |
2024-03-21 |
6.3 |
CVE-2024-2768
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257605 was assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2769
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/contact-us.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257606 is the identifier assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2770
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability classified as critical was found in Campcodes Online Marriage Registration System 1.0. This vulnerability affects unknown code of the file /user/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257608. |
2024-03-21 |
6.3 |
CVE-2024-2774
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability, which was classified as critical, was found in Campcodes Online Marriage Registration System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257610 is the identifier assigned to this vulnerability. |
2024-03-22 |
6.3 |
CVE-2024-2776
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_beauty_parlor_management_system
|
A vulnerability has been found in Campcodes Online Marriage Registration System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/application-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257611. |
2024-03-22 |
6.3 |
CVE-2024-2777
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_dj_booking_system
|
A vulnerability, which was classified as critical, has been found in Campcodes Complete Online DJ Booking System 1.0. This issue affects some unknown processing of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257465 was assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2712
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_dj_booking_system
|
A vulnerability, which was classified as critical, was found in Campcodes Complete Online DJ Booking System 1.0. Affected is an unknown function of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257466 is the identifier assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2713
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- complete_online_dj_booking_system
|
A vulnerability has been found in Campcodes Complete Online DJ Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257467. |
2024-03-20 |
6.3 |
CVE-2024-2714
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/vacancy/controller.php. The manipulation of the argument id/CATEGORY leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257368. |
2024-03-20 |
6.3 |
CVE-2024-2668
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/employee/controller.php of the component GET Parameter Handler. The manipulation of the argument EMPLOYEEID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257369 was assigned to this vulnerability. |
2024-03-20 |
6.3 |
CVE-2024-2669
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/vacancy/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257370 is the identifier assigned to this vulnerability. |
2024-03-20 |
6.3 |
CVE-2024-2670
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user/index.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257371. |
2024-03-20 |
6.3 |
CVE-2024-2671
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/user/controller.php. The manipulation of the argument UESRID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257372. |
2024-03-20 |
6.3 |
CVE-2024-2672
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability classified as critical has been found in Campcodes Online Job Finder System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument user_email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257373 was assigned to this vulnerability. |
2024-03-20 |
6.3 |
CVE-2024-2673
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability classified as critical was found in Campcodes Online Job Finder System 1.0. This vulnerability affects unknown code of the file /admin/employee/index.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257374 is the identifier assigned to this vulnerability. |
2024-03-20 |
6.3 |
CVE-2024-2674
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability, which was classified as critical, has been found in Campcodes Online Job Finder System 1.0. This issue affects some unknown processing of the file /admin/company/index.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257375. |
2024-03-20 |
6.3 |
CVE-2024-2675
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability, which was classified as critical, was found in Campcodes Online Job Finder System 1.0. Affected is an unknown function of the file /admin/company/controller.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257376. |
2024-03-20 |
6.3 |
CVE-2024-2676
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/controller.php. The manipulation of the argument CATEGORYID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257377 was assigned to this vulnerability. |
2024-03-20 |
6.3 |
CVE-2024-2677
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/applicants/controller.php. The manipulation of the argument JOBREGID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257378 is the identifier assigned to this vulnerability. |
2024-03-20 |
6.3 |
CVE-2024-2678
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
campcodes -- online_job_finder_system
|
A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/applicants/index.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257387. |
2024-03-20 |
6.3 |
CVE-2024-2687
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
cegid -- meta4_hr
|
A Cross-Site Scripting Vulnerability has been found on Meta4 HR affecting version 819.001.022 and earlier. The endpoint '/sitetest/english/dumpenv.jsp' is vulnerable to XSS attack by 'lang' query, i.e. '/sitetest/english/dumpenv.jsp?snoop=yes&lang=%27%3Cimg%20src/onerror=alert(1)%3E¶ms'. |
2024-03-19 |
6.1 |
CVE-2024-2633
cve-coordination@incibe.es |
cegid -- meta4_hr
|
A Cross-Site Scripting Vulnerability has been found on Meta4 HR affecting version 819.001.022 and earlier. The endpoint '/sse_generico/generico_login.jsp' is vulnerable to XSS attack via 'lang' query, i.e. '/sse_generico/generico_login.jsp?lang=%27%3balert(%27BLEUSS%27)%2f%2f¶ms='. |
2024-03-19 |
6.1 |
CVE-2024-2634
cve-coordination@incibe.es |
ciges -- cigesv2
|
Stored Cross-Site Scripting (Stored-XSS) vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration. |
2024-03-22 |
6.1 |
CVE-2024-2726
cve-coordination@incibe.es |
ciges -- cigesv2
|
HTML injection vulnerability affecting the CIGESv2 system, which allows an attacker to inject arbitrary code and modify elements of the website and email confirmation message. |
2024-03-22 |
6.1 |
CVE-2024-2727
cve-coordination@incibe.es |
ciges -- cigesv2
|
Information exposure vulnerability in the CIGESv2 system. This vulnerability could allow a local attacker to intercept traffic due to the lack of proper implementation of the TLS protocol. |
2024-03-22 |
4.1 |
CVE-2024-2728
cve-coordination@incibe.es |
cilium -- cilium
|
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sent unencrypted and IPsec-eligible traffic between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.15.2, 1.14.8, and 1.13.13. There is no known workaround for this issue. |
2024-03-18 |
6.1 |
CVE-2024-28249
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
cilium -- cilium
|
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's Envoy proxy and pods on other nodes is sent unencrypted and Wireguard-eligible traffic that is sent between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.14.8 and 1.15.2 in in native routing mode (`routingMode=native`) and in Cilium 1.14.4 in tunneling mode (`routingMode=tunnel`). Not that in tunneling mode, `encryption.wireguard.encapsulate` must be set to `true`. There is no known workaround for this issue. |
2024-03-18 |
6.1 |
CVE-2024-28250
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
colorlibplugins -- coming_soon_&_maintenance_mode_by_colorlib
|
The Coming Soon & Maintenance Mode by Colorlib plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.99 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page contents via REST API thus bypassing maintenance mode protection provided by the plugin. |
2024-03-20 |
5.3 |
CVE-2024-1473
security@wordfence.com
security@wordfence.com |
cozmoslabs,_sareiodata -- passwordless_login
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs, sareiodata Passwordless Login passwordless-login allows Stored XSS.This issue affects Passwordless Login: from n/a through 1.1.2. |
2024-03-19 |
6.5 |
CVE-2024-29143
audit@patchstack.com |
creativethemeshq -- blocksy_companion
|
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Newsletter widget in all versions up to, and including, 2.0.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-22 |
6.5 |
CVE-2024-2392
security@wordfence.com
security@wordfence.com |
crisp -- crisp
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44. |
2024-03-21 |
6.5 |
CVE-2024-27963
audit@patchstack.com |
data443 -- tracking_code_manager
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16. |
2024-03-21 |
5.9 |
CVE-2024-2579
audit@patchstack.com |
dazzlersoft -- coming_soon_under_construction_&_maintenance_mode_by_dazzler
|
The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUEST_URI to determine if the page being accesses is an admin area. This makes it possible for unauthenticated attackers to bypass maintenance mode and access the site which may be considered confidential when in maintenance mode. |
2024-03-20 |
5.3 |
CVE-2024-1181
security@wordfence.com
security@wordfence.com |
delabon -- live_sales_notification_for_woocommerce_-_woomotiv
|
The Live Sales Notification for Woocommerce - Woomotiv plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.3. This is due to missing or incorrect nonce validation on the 'ajax_cancel_review' function. This makes it possible for unauthenticated attackers to reset the site's review count via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2024-03-20 |
4.3 |
CVE-2024-1325
security@wordfence.com
security@wordfence.com
security@wordfence.com |
dell -- poweredge_platform
|
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM. |
2024-03-19 |
4.4 |
CVE-2024-25942
security_alert@emc.com |
delta_electronics -- diaenergie
|
Improper neutralization of input within the affected product could lead to cross-site scripting. |
2024-03-21 |
4.6 |
CVE-2024-28045
ics-cert@hq.dhs.gov |
denoland -- deno
|
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.8.0 and prior to version 1.40.4, Deno improperly checks that an import specifier's hostname is equal to or a child of a token's hostname, which can cause tokens to be sent to servers they shouldn't be sent to. An auth token intended for `example[.]com` may be sent to `notexample[.]com`. Anyone who uses DENO_AUTH_TOKENS and imports potentially untrusted code is affected. Version 1.40.0 contains a patch for this issue |
2024-03-21 |
4.6 |
CVE-2024-27932
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
devklan -- alma_blog
|
Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an unauthenticated user to access the application's functionalities without the need for credentials. |
2024-03-19 |
6.5 |
CVE-2024-1144
cve-coordination@incibe.es |
devklan -- alma_blog
|
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow a remote user to retrieve all valid users registered in the application just by looking at the request response. |
2024-03-19 |
5.3 |
CVE-2024-1145
cve-coordination@incibe.es |
devklan -- alma_blog
|
Cross-Site Scripting vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an attacker to store a malicious JavaScript payload within the application by adding the payload to 'Community Description' or 'Community Rules'. |
2024-03-19 |
5.8 |
CVE-2024-1146
cve-coordination@incibe.es |
diygod -- rsshub
|
RSSHub is an open source RSS feed generator. Starting in version 1.0.0-master.cbbd829 and prior to version 1.0.0-master.d8ca915, ahen the specially crafted image is supplied to the internal media proxy, it proxies the image without handling XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version 1.0.0-master.d8ca915. No known workarounds are available. |
2024-03-21 |
6.1 |
CVE-2024-27926
security-advisories@github.com
security-advisories@github.com |
diygod -- rsshub
|
RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks. The attacker can send malicious requests to a RSSHub server, to make the server send HTTP GET requests to arbitrary destinations and see partial responses. This may lead to leak the server IP address, which could be hidden behind a CDN; retrieving information in the internal network, e.g. which addresses/ports are accessible, the titles and meta descriptions of HTML pages; and denial of service amplification. The attacker could request the server to download some large files, or chain several SSRF requests in a single attacker request. |
2024-03-21 |
6.5 |
CVE-2024-27927
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
espocrm -- espocrm
|
EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2. |
2024-03-21 |
5.9 |
CVE-2024-24818
security-advisories@github.com
security-advisories@github.com |
five_star_plugins -- five_star_restaurant_menu
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Menu allows Stored XSS.This issue affects Five Star Restaurant Menu: from n/a through 2.4.14. |
2024-03-19 |
6.5 |
CVE-2024-29089
audit@patchstack.com |
folio -- spring_module_core
|
A vulnerability was found in Folio Spring Module Core up to 1.1.5. It has been rated as critical. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation leads to sql injection. Upgrading to version 2.0.0 is able to address this issue. The name of the patch is d374a5f77e6b58e36f0e0e4419be18b95edcd7ff. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-257516. |
2024-03-21 |
5.5 |
CVE-2022-4963
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
foliovision:_making_the_web_work_for_you -- fv_flowplayer_video_player
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Stored XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.41.7212. |
2024-03-19 |
6.5 |
CVE-2024-29122
audit@patchstack.com |
franciscop -- translate
|
Translate is a package that allows users to convert text to different languages on Node.js and the browser. Prior to version 3.0.0, an attacker controlling the second variable of the `translate` function is able to perform a cache poisoning attack. They can change the outcome of translation requests made by subsequent users. The `opt.id` parameter allows the overwriting of the cache key. If an attacker sets the `id` variable to the cache key that would be generated by another user, they can choose the response that user gets served. Version 3.0.0 fixes this issue. |
2024-03-22 |
5.3 |
CVE-2024-29042
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
fujian_kelixin_communication -- command_and_dispatch_platform
|
A vulnerability has been found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this vulnerability is an unknown functionality of the file api/client/down_file.php. The manipulation of the argument uuid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257197 was assigned to this vulnerability. |
2024-03-19 |
6.3 |
CVE-2024-2620
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
fujian_kelixin_communication -- command_and_dispatch_platform
|
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwd_update.php. The manipulation of the argument uuid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257198 is the identifier assigned to this vulnerability. |
2024-03-19 |
6.3 |
CVE-2024-2621
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
fujian_kelixin_communication -- command_and_dispatch_platform
|
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterprise_uuid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257199. |
2024-03-19 |
6.3 |
CVE-2024-2622
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
funnelkit -- automation_by_autonami
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Automation By Autonami allows Stored XSS.This issue affects Automation By Autonami: from n/a through 2.8.2. |
2024-03-21 |
6.5 |
CVE-2024-2580
audit@patchstack.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data Store API to rename arbitrary files and directories with a name that does not end in `.zip`. Store file uploads rename zip files to have a `.zip` extension if it doesn't already have one before unzipping the file. This is fine for file and url upload methods where the files will be in a specific subdirectory of the data directory but, when using the external upload method, this allows arbitrary files and directories to be renamed. Renaming GeoServer files will most likely result in a denial of service, either completely preventing GeoServer from running or effectively deleting specific resources (such as a workspace, layer or style). In some cases, renaming GeoServer files could revert to the default settings for that file which could be relatively harmless like removing contact information or have more serious consequences like allowing users to make OGC requests that the customized settings would have prevented them from making. The impact of renaming non-GeoServer files depends on the specific environment although some sort of denial of service is a likely outcome. Versions 2.23.5 and 2.24.2 contain a fix for this issue. |
2024-03-20 |
6 |
CVE-2024-23634
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources that will execute in the context of another administrator's browser when viewed in the REST Resources API. Access to the REST Resources API is limited to full administrators by default and granting non-administrators access to this endpoint should be carefully considered as it may allow access to files containing sensitive information. Versions 2.23.3 and 2.24.0 contain a patch for this issue. |
2024-03-20 |
4.8 |
CVE-2023-51445
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources or in a specially crafted datastore file that will execute in the context of another user's browser when viewed in the Style Publisher. Access to the Style Publisher is available to all users although data security may limit users' ability to trigger the XSS. Versions 2.23.3 and 2.24.0 contain a fix for this issue. |
2024-03-20 |
4.8 |
CVE-2024-23640
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap SVG Output Format when the Simple SVG renderer is enabled. Access to the WMS SVG Format is available to all users by default although data and service security may limit users' ability to trigger the XSS. Versions 2.23.4 and 2.24.1 contain a fix for this issue. |
2024-03-20 |
4.8 |
CVE-2024-23642
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another administrator's browser when viewed in the GWC Seed Form. Access to the GWC Seed Form is limited to full administrators by default and granting non-administrators access to this endpoint is not recommended. Versions 2.23.2 and 2.24.1 contain a fix for this issue. |
2024-03-20 |
4.8 |
CVE-2024-23643
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the WMS GetMap OpenLayers Output Format. Access to the WMS OpenLayers Format is available to all users by default although data and service security may limit users' ability to trigger the XSS. Versions 2.23.3 and 2.24.1 contain a patch for this issue. |
2024-03-20 |
4.8 |
CVE-2024-23818
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the MapML HTML Page. The MapML extension must be installed and access to the MapML HTML Page is available to all users although data security may limit users' ability to trigger the XSS. Versions 2.23.4 and 2.24.1 contain a patch for this issue. |
2024-03-20 |
4.8 |
CVE-2024-23819
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
geoserver -- geoserver
|
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog that will execute in the context of another user's browser when viewed in the GWC Demos Page. Access to the GWC Demos Page is available to all users although data security may limit users' ability to trigger the XSS. Versions 2.23.4 and 2.24.1 contain a patch for this issue. |
2024-03-20 |
4.8 |
CVE-2024-23821
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
github -- enterprise_server
|
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use the Enterprise Actions GitHub Connect download token to fetch private repository data. An attacker would require an account on the server instance with non-default settings for GitHub Connect. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.16, 3.9.11, 3.10.8, and 3.11.6. This vulnerability was reported via the GitHub Bug Bounty program. |
2024-03-21 |
6.3 |
CVE-2024-1908
product-cna@github.com
product-cna@github.com
product-cna@github.com
product-cna@github.com |
github_ -- enterprise_server
|
A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerability affected GitHub Enterprise Server 3.12.0 and was fixed in versions 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program. |
2024-03-21 |
4.3 |
CVE-2024-2748
product-cna@github.com |
glpi-project -- glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13. |
2024-03-18 |
6.4 |
CVE-2024-27098
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
glpi-project -- glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13. |
2024-03-18 |
6.5 |
CVE-2024-27930
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
glpi-project -- glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13. |
2024-03-18 |
6.5 |
CVE-2024-27937
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
glpi-project -- glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS vulnerability. The XSS will only trigger if the administrator navigates through the debug bar. This issue has been patched in version 10.0.13. |
2024-03-18 |
5.3 |
CVE-2024-27914
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
glpi-project -- glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. A user with rights to create and share dashboards can build a dashboard containing javascript code. Any user that will open this dashboard will be subject to an XSS attack. This issue has been patched in version 10.0.13. |
2024-03-18 |
4.5 |
CVE-2024-27104
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
godaddy -- page_builder_gutenberg_blocks_-_coblocks
|
The Page Builder Gutenberg Blocks - CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Widget's in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping on the link value. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-23 |
6.4 |
CVE-2024-1049
security@wordfence.com
security@wordfence.com |
gpriday -- page_builder_by_siteorigin
|
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the legacy Image widget in all versions up to, and including, 2.29.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-23 |
6.4 |
CVE-2024-2202
security@wordfence.com
security@wordfence.com
security@wordfence.com |
heyewei -- jfinalcms
|
A vulnerability has been found in heyewei JFinalCMS 5.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/div_data/delete?divId=9 of the component Custom Data Page. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257071. |
2024-03-17 |
4.7 |
CVE-2024-2568
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
ibm -- infosphere_information_server
|
IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 280361. |
2024-03-21 |
6.5 |
CVE-2024-22352
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- mq
|
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066. |
2024-03-20 |
5.3 |
CVE-2023-45177
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- security_verify_directory
|
IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system. IBM X-Force ID: 228437. |
2024-03-22 |
5.3 |
CVE-2022-32751
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- security_verify_directory
|
IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444. |
2024-03-22 |
4.5 |
CVE-2022-32753
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- security_verify_directory
|
IBM Security Verify Directory 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 228445. |
2024-03-22 |
4.8 |
CVE-2022-32754
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- security_verify_governance
|
IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 258375. |
2024-03-20 |
5.9 |
CVE-2023-35888
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- storage_protect_plus_server
|
The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. IBM X-Force ID: 285205. |
2024-03-21 |
6.2 |
CVE-2024-27277
psirt@us.ibm.com
psirt@us.ibm.com |
ibm -- storage_protect_plus_server
|
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. IBM X-Force ID: 271538. |
2024-03-21 |
4.3 |
CVE-2023-47715
psirt@us.ibm.com
psirt@us.ibm.com |
inc2734 -- smart_custom_fields
|
The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and including, 4.2.2. This makes it possible for authenticated attackers, with subscrber-level access and above, to retrieve post content that is password protected and/or private. |
2024-03-20 |
4.3 |
CVE-2024-1995
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com |
infosatech -- revivepress_-_keep_your_old_content_evergreen
|
The RevivePress - Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the import_data and copy_data functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with subscriber-level access or higher, to overwrite plugin settings and view them. |
2024-03-20 |
4.3 |
CVE-2024-1844
security@wordfence.com
security@wordfence.com
security@wordfence.com |
isaacs -- node-tar
|
node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few seconds of running it using a path with too many sub-folders inside. Version 6.2.1 fixes this issue by preventing extraction in excessively deep sub-folders. |
2024-03-21 |
6.5 |
CVE-2024-28863
security-advisories@github.com
security-advisories@github.com |
jan-peter_lambeck_&_3uu -- shariff_wrapper
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10. |
2024-03-19 |
6.5 |
CVE-2024-29109
audit@patchstack.com |
jean-david_daviet -- download_media
|
Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2. |
2024-03-21 |
4.3 |
CVE-2024-27190
audit@patchstack.com |
jegtheme -- jeg_elementor_kit
|
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tag attributes in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-21 |
6.4 |
CVE-2024-1326
security@wordfence.com
security@wordfence.com
security@wordfence.com |
jegtheme -- jeg_elementor_kit
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a through 2.6.2. |
2024-03-19 |
6.5 |
CVE-2024-29101
audit@patchstack.com |
jetbrains -- teamcity
|
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process |
2024-03-21 |
4.2 |
CVE-2024-29880
cve@jetbrains.com |
jhpyle -- docassemble
|
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, a user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The vulnerability has been patched in version 1.4.97 of the master branch. |
2024-03-21 |
6.1 |
CVE-2024-27290
security-advisories@github.com
security-advisories@github.com |
jhpyle -- docassemble
|
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch. |
2024-03-21 |
6.1 |
CVE-2024-27291
security-advisories@github.com
security-advisories@github.com |
jp2112 -- standout_color_boxes_and_buttons
|
The Standout Color Boxes and Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'color-button' shortcode in all versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-2474
security@wordfence.com
security@wordfence.com |
kilbot -- woocommerce_pos
|
The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated attackers, with customer-level access and above, to view potentially sensitive information about other users by leveraging their order id |
2024-03-20 |
4.3 |
CVE-2024-2384
security@wordfence.com
security@wordfence.com |
kishor-23 -- food_waste_management_system
|
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin.php. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257056. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-17 |
5.3 |
CVE-2024-2557
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
lakernote -- easyadmin
|
A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257715. |
2024-03-22 |
6.3 |
CVE-2024-2825
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
lakernote -- easyadmin
|
A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This vulnerability affects unknown code of the file /ureport/designer/saveReportFile. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257716. |
2024-03-22 |
6.3 |
CVE-2024-2826
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
lakernote -- easyadmin
|
A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257717 was assigned to this vulnerability. |
2024-03-22 |
6.3 |
CVE-2024-2827
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
lakernote -- easyadmin
|
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 23165d8cb569048c531150f194fea39f8800b8d5. It is recommended to apply a patch to fix this issue. VDB-257718 is the identifier assigned to this vulnerability. |
2024-03-22 |
6.3 |
CVE-2024-2828
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
latchset -- jwcrypto
|
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot of memory and processing time. Version 1.5.6 fixes this vulnerability by limiting the maximum token length. |
2024-03-21 |
6.8 |
CVE-2024-28102
security-advisories@github.com
security-advisories@github.com |
leap13 -- premium_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.16. |
2024-03-19 |
6.5 |
CVE-2024-29106
audit@patchstack.com |
leevio -- happy_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leevio Happy Addons for Elementor allows Stored XSS.This issue affects Happy Addons for Elementor: from n/a through 3.10.1. |
2024-03-19 |
6.5 |
CVE-2024-29108
audit@patchstack.com |
liquidpoll -- liquidpoll_-_polls,_surveys,_nps_and_feedback_reviews
|
The LiquidPoll - Polls, Surveys, NPS and Feedback Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.76 via the poller_list shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract information from polls that may be private. |
2024-03-22 |
4.3 |
CVE-2024-2080
security@wordfence.com
security@wordfence.com |
magenet -- website_article_monetization_by_magenet
|
The Website Article Monetization By MageNet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'abp_auth_key' parameter in all versions up to, and including, 1.0.11 due to insufficient input sanitization and output escaping and a missing authorization check. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.1 |
CVE-2024-1379
security@wordfence.com
security@wordfence.com |
magesh-k21 -- online-college-event-hall-reservation-system
|
A vulnerability, which was classified as critical, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file /admin/users.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256971. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-17 |
6.3 |
CVE-2024-2534
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
matt_manning -- mjm_clinic
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic.This issue affects MJM Clinic: from n/a through 1.1.22. |
2024-03-19 |
6.5 |
CVE-2024-29096
audit@patchstack.com |
matt_manning -- mjm_clinic
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic allows Stored XSS.This issue affects MJM Clinic: from n/a through 1.1.22. |
2024-03-19 |
5.9 |
CVE-2024-29140
audit@patchstack.com |
matthias-wandel -- jhead
|
A vulnerability was found in Matthias-Wandel jhead 3.08 and classified as critical. This issue affects the function PrintFormatNumber of the file exif.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257711. |
2024-03-22 |
6.3 |
CVE-2024-2824
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
mbis -- permalink_manager_pro
|
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_permalink' function in all versions up to, and including, 2.4.3.1. This makes it possible for authenticated attackers, with author access and above, to modify the permalinks of arbitrary posts. |
2024-03-20 |
5.4 |
CVE-2024-2538
security@wordfence.com
security@wordfence.com
security@wordfence.com |
melapress -- wp_2fa
|
Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue affects WP 2FA: from n/a through 2.2.0. |
2024-03-21 |
5.3 |
CVE-2022-44595
audit@patchstack.com |
microsoft -- microsoft_edge_(chromium-based)
|
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
2024-03-22 |
4.7 |
CVE-2024-26247
secure@microsoft.com |
microsoft -- microsoft_edge_(chromium-based)
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability |
2024-03-22 |
4.3 |
CVE-2024-29057
secure@microsoft.com |
microsoft -- microsoft_edge_for_android
|
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability |
2024-03-21 |
4.3 |
CVE-2024-26196
secure@microsoft.com |
moby -- moby
|
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature is frequently referred to as custom networks, as each network can have a different driver, set of parameters and thus behaviors. When creating a network, the `--internal` flag is used to designate a network as _internal_. The `internal` attribute in a docker-compose.yml file may also be used to mark a network _internal_, and other API clients may specify the `internal` parameter as well. When containers with networking are created, they are assigned unique network interfaces and IP addresses. The host serves as a router for non-internal networks, with a gateway IP that provides SNAT/DNAT to/from container IPs. Containers on an internal network may communicate between each other, but are precluded from communicating with any networks the host has access to (LAN or WAN) as no default route is configured, and firewall rules are set up to drop all outgoing traffic. Communication with the gateway IP address (and thus appropriately configured host services) is possible, and the host may communicate with any container IP directly. In addition to configuring the Linux kernel's various networking features to enable container networking, `dockerd` directly provides some services to container networks. Principal among these is serving as a resolver, enabling service discovery, and resolution of names from an upstream resolver. When a DNS request for a name that does not correspond to a container is received, the request is forwarded to the configured upstream resolver. This request is made from the container's network namespace: the level of access and routing of traffic is the same as if the request was made by the container itself. As a consequence of this design, containers solely attached to an internal network will be unable to resolve names using the upstream resolver, as the container itself is unable to communicate with that nameserver. Only the names of containers also attached to the internal network are able to be resolved. Many systems run a local forwarding DNS resolver. As the host and any containers have separate loopback devices, a consequence of the design described above is that containers are unable to resolve names from the host's configured resolver, as they cannot reach these addresses on the host loopback device. To bridge this gap, and to allow containers to properly resolve names even when a local forwarding resolver is used on a loopback address, `dockerd` detects this scenario and instead forward DNS requests from the host namework namespace. The loopback resolver then forwards the requests to its configured upstream resolvers, as expected. Because `dockerd` forwards DNS requests to the host loopback device, bypassing the container network namespace's normal routing semantics entirely, internal networks can unexpectedly forward DNS requests to an external nameserver. By registering a domain for which they control the authoritative nameservers, an attacker could arrange for a compromised container to exfiltrate data by encoding it in DNS queries that will eventually be answered by their nameservers. Docker Desktop is not affected, as Docker Desktop always runs an internal resolver on a RFC 1918 address. Moby releases 26.0.0, 25.0.4, and 23.0.11 are patched to prevent forwarding any DNS requests from internal networks. As a workaround, run containers intended to be solely attached to internal networks with a custom upstream address, which will force all upstream DNS queries to be resolved from the container's network namespace. |
2024-03-20 |
5.9 |
CVE-2024-29018
security-advisories@github.com
security-advisories@github.com |
moveaddons -- move_addons_for_elementor
|
The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's infobox and button widget in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-23 |
6.4 |
CVE-2024-2131
security@wordfence.com
security@wordfence.com |
n-media -- frontend_file_manager
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7. |
2024-03-17 |
5.3 |
CVE-2024-25903
audit@patchstack.com |
n/a -- 74cms
|
A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257060. |
2024-03-17 |
6.3 |
CVE-2024-2561
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
n/a -- black
|
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. |
2024-03-19 |
5.3 |
CVE-2024-21503
report@snyk.io
report@snyk.io
report@snyk.io |
n/a -- dedecms
|
A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257707. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
4.3 |
CVE-2024-2820
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
n/a -- dedecms
|
A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlink_edit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257708. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
4.3 |
CVE-2024-2821
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
n/a -- dedecms
|
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/vote_edit.php. The manipulation of the argument aid leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257709 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
4.3 |
CVE-2024-2822
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
n/a -- dedecms
|
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/mda_main.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257710 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
4.3 |
CVE-2024-2823
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
n/a -- gnutls
|
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. |
2024-03-21 |
5.3 |
CVE-2024-28834
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com |
n/a -- gnutls
|
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. |
2024-03-21 |
5 |
CVE-2024-28835
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com |
n/a -- iperf
|
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service. |
2024-03-18 |
5.3 |
CVE-2023-7250
secalert@redhat.com
secalert@redhat.com |
n/a -- libvirt
|
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash. |
2024-03-21 |
6.2 |
CVE-2024-2494
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com |
n/a -- libvirt
|
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash. |
2024-03-18 |
5 |
CVE-2024-2496
secalert@redhat.com
secalert@redhat.com |
n/a -- livewire/livewire
|
Versions of the package livewire/livewire from 3.3.5 and before 3.4.9 are vulnerable to Cross-site Scripting (XSS) when a page uses [Url] for a property. An attacker can inject HTML code in the context of the user's browser session by crafting a malicious link and convincing the user to click on it. |
2024-03-19 |
6.1 |
CVE-2024-21504
report@snyk.io
report@snyk.io
report@snyk.io
report@snyk.io |
n/a -- osbuild-composer
|
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built. |
2024-03-19 |
6.1 |
CVE-2024-2307
secalert@redhat.com
secalert@redhat.com |
n/a -- zhicms
|
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-255269 was assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2015
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
n/a -- zhicms
|
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-255270 is the identifier assigned to this vulnerability. |
2024-03-21 |
6.3 |
CVE-2024-2016
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
nasirahmed -- advanced_form_integration_-_connect_woocommerce_and_contact_form_7_to_google_sheets_and_other_platforms
|
The Advanced Form Integration - Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms plugin for WordPress is vulnerable to SQL Injection via the 'integration_id' parameter in all versions up to, and including, 1.82.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries and subsequently inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
2024-03-20 |
6.1 |
CVE-2024-2387
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com |
netentsec -- ns-asg_application_security_gateway
|
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257282 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-19 |
6.3 |
CVE-2024-2644
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
netentsec -- ns-asg_application_security_gateway
|
A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /vpnweb/index.php?para=index. The manipulation of the argument check_VirtualSiteId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257284. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-19 |
6.3 |
CVE-2024-2646
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
netentsec -- ns-asg_application_security_gateway
|
A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /protocol/iscdevicestatus/deleteonlineuser.php. The manipulation of the argument messagecontent leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257287. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-20 |
6.3 |
CVE-2024-2649
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
netentsec -- ns-asg_application_security_gateway
|
A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /vpnweb/resetpwd/resetpwd.php. The manipulation of the argument UserId leads to improper neutralization of data within xpath expressions. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257283. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-19 |
4.3 |
CVE-2024-2645
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
netentsec -- ns-asg_application_security_gateway
|
A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257286 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-19 |
4.3 |
CVE-2024-2648
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
octoprint -- octoprint
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to configure or talk a victim with administrator rights into configuring a webcam snapshot URL which when tested through the "Test" button included in the web interface will execute JavaScript code in the victims browser when attempting to render the snapshot image. An attacker who successfully talked a victim with admin rights into performing a snapshot test with such a crafted URL could use this to retrieve or modify sensitive configuration settings, interrupt prints or otherwise interact with the OctoPrint instance in a malicious way. The vulnerability is patched in version 1.10.0rc3. OctoPrint administrators are strongly advised to thoroughly vet who has admin access to their installation and what settings they modify based on instructions by strangers. |
2024-03-18 |
4 |
CVE-2024-28237
security-advisories@github.com
security-advisories@github.com |
openbmb -- xagent
|
A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Privileged Mode. The manipulation leads to sandbox issue. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-255265 was assigned to this vulnerability. |
2024-03-21 |
5.3 |
CVE-2024-2007
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
opentext -- service_management_automation_x_(smax)
|
Insufficient Granularity of Access Control vulnerability in OpenText™ Service Management Automation X (SMAX), OpenText™ Asset Management X (AMX) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Service Management Automation X (SMAX) versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11; and Asset Management X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. |
2024-03-19 |
6.5 |
CVE-2023-32259
security@opentext.com |
opentext -- service_management_automation_x_(smax)
|
Misinterpretation of Input vulnerability in OpenText™ Service Management Automation X (SMAX), OpenText™ Asset Management X (AMX), and OpenText™ Hybrid Cloud Management X (HCMX) products. The vulnerability could allow Input data manipulation.This issue affects Service Management Automation X (SMAX) versions: 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11, 2023.05; Asset Management X (AMX) versions: 2021.08, 2021.11, 2022.05, 2022.11, 2023.05; and Hybrid Cloud Management X (HCMX) versions: 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11, 2023.05. |
2024-03-19 |
6.5 |
CVE-2023-32260
security@opentext.com |
openzeppelin -- openzeppelin-contracts
|
OpenZeppelin Contracts is a library for secure smart contract development. The `Base64.encode` function encodes a `bytes` input by iterating over it in chunks of 3 bytes. When this input is not a multiple of 3, the last iteration may read parts of the memory that are beyond the input buffer. The vulnerability is fixed in 5.0.2 and 4.9.6. |
2024-03-21 |
6.5 |
CVE-2024-27094
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
osamaesh -- wp_visitor_statistics_(real_time_traffic)
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4. |
2024-03-17 |
5.3 |
CVE-2024-24867
audit@patchstack.com |
pandaxgo -- pandax
|
A vulnerability, which was classified as critical, was found in PandaXGO PandaX up to 20240310. This affects the function InsertRole of the file /apps/system/services/role_menu.go. The manipulation of the argument roleKey leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257061 was assigned to this vulnerability. |
2024-03-17 |
6.3 |
CVE-2024-2562
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
pandaxgo -- pandax
|
A vulnerability was found in PandaXGO PandaX up to 20240310 and classified as critical. This issue affects the function ExportUser of the file /apps/system/api/user.go. The manipulation of the argument filename leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257063. |
2024-03-17 |
6.3 |
CVE-2024-2564
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
pandaxgo -- pandax
|
A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257064. |
2024-03-17 |
6.3 |
CVE-2024-2565
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
pandaxgo -- pandax
|
A vulnerability has been found in PandaXGO PandaX up to 20240310 and classified as critical. This vulnerability affects the function DeleteImage of the file /apps/system/router/upload.go. The manipulation of the argument fileName with the input ../../../../../../../../../tmp/1.txt leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257062 is the identifier assigned to this vulnerability. |
2024-03-17 |
5.4 |
CVE-2024-2563
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
pandora_fms -- pandora_fms
|
: Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through <776. |
2024-03-19 |
6.7 |
CVE-2023-41793
security@pandorafms.com |
pandora_fms -- pandora_fms
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776. |
2024-03-19 |
6.8 |
CVE-2023-44090
security@pandorafms.com |
paul_ryley -- site_reviews
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Ryley Site Reviews allows Stored XSS.This issue affects Site Reviews: from n/a through 6.11.6. |
2024-03-19 |
5.9 |
CVE-2024-29095
audit@patchstack.com |
pdf_embedder -- pdf_embedder
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4. |
2024-03-19 |
6.5 |
CVE-2024-29141
audit@patchstack.com |
pepro_dev._group -- peprodev_ultimate_invoice
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7. |
2024-03-17 |
5.3 |
CVE-2024-25933
audit@patchstack.com |
pickplugins -- user_profile
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins User profile allows Stored XSS.This issue affects User profile: from n/a through 2.0.20. |
2024-03-19 |
6.3 |
CVE-2024-29097
audit@patchstack.com |
progress_software -- moveit_transfer
|
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly. |
2024-03-20 |
4.3 |
CVE-2024-2291
security@progress.com
security@progress.com |
python_software_foundation -- cpython
|
An issue was found in the CPython `zipfile` module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to "quoted-overlap" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive. |
2024-03-19 |
6.2 |
CVE-2024-0450
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org
cna@python.org |
qiskit -- qiskit-ibm-runtime
|
Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using `qiskit_ibm_runtime.RuntimeDecoder` can lead to arbitrary code execution given a correctly formatted input string. Version 0.21.2 contains a fix for this issue. |
2024-03-20 |
5.3 |
CVE-2024-29032
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
railmedia -- order_tip_for_woocommerce
|
The Order Tip for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_tips_to_csv() function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to export the plugin's order fees. |
2024-03-20 |
5.3 |
CVE-2024-1119
security@wordfence.com
security@wordfence.com
security@wordfence.com |
realmag777 -- bear
|
Missing Authorization vulnerability in realmag777 BEAR.This issue affects BEAR: from n/a through 1.1.4. |
2024-03-23 |
4.3 |
CVE-2024-24835
audit@patchstack.com |
remyb92 -- translate_wordpress_and_go_multilingual_-_weglot
|
The Translate WordPress and go Multilingual - Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as 'className'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-2124
security@wordfence.com
security@wordfence.com
security@wordfence.com |
repute_infosystems -- armember_-_membership_plugin_content_restriction_member_levels_user_profile_&_user_signup
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARMember - Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows Stored XSS.This issue affects ARMember - Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: from n/a through 4.0.23. |
2024-03-21 |
5.9 |
CVE-2024-27995
audit@patchstack.com |
rewardsfuel -- contests_by_rewards_fuel
|
The Contests by Rewards Fuel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'update_rewards_fuel_api_key' parameter in all versions up to, and including, 2.0.64 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-1787
security@wordfence.com
security@wordfence.com |
rewardsfuel -- contests_by_rewards_fuel
|
The Contests by Rewards Fuel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.62. This is due to missing or incorrect nonce validation on the ajax_handler() function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious JavaScript via a forged request granted they can trick a site's user with the edit_posts capability into performing an action such as clicking on a link. |
2024-03-20 |
5.4 |
CVE-2024-1785
security@wordfence.com
security@wordfence.com |
rubengc -- gamipress_-_button
|
The GamiPress - Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gamipress_button' shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-2460
security@wordfence.com
security@wordfence.com |
ruijie -- rg-nbs2009g-p
|
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257280. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-19 |
5.3 |
CVE-2024-2641
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
saleor -- storefront
|
Saleor Storefront is software for building e-commerce experiences. Prior to commit 579241e75a5eb332ccf26e0bcdd54befa33f4783, when any user authenticates in the storefront, anonymous users are able to access their data. The session is leaked through cache and can be accessed by anyone. Users should upgrade to a version that incorporates commit 579241e75a5eb332ccf26e0bcdd54befa33f4783 or later to receive a patch. A possible workaround is to temporarily disable authentication by changing the usage of `createSaleorAuthClient()`. |
2024-03-20 |
4.3 |
CVE-2024-29036
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com |
save_as_pdf_plugin_by_pdfcrowd -- word_replacer_pro
|
Missing Authorization vulnerability in Save as PDF plugin by Pdfcrowd Word Replacer Pro.This issue affects Word Replacer Pro: from n/a through 1.0. |
2024-03-20 |
6.5 |
CVE-2023-52229
audit@patchstack.com |
scrollsequence -- scrollsequence
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scrollsequence allows Stored XSS.This issue affects Scrollsequence: from n/a through 1.5.4. |
2024-03-19 |
6.5 |
CVE-2024-29118
audit@patchstack.com |
sjaved -- easy_social_feed_-_social_photos_gallery_-_post_feed_-_like_box
|
The Easy Social Feed - Social Photos Gallery - Post Feed - Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'efb_likebox' shortcode in all versions up to, and including, 6.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-21 |
6.4 |
CVE-2024-1278
security@wordfence.com
security@wordfence.com |
sjaved -- easy_social_feed_-_social_photos_gallery_-_post_feed_-_like_box
|
The Easy Social Feed - Social Photos Gallery - Post Feed - Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.4. This is due to missing or incorrect nonce validation on the esf_insta_save_access_token and efbl_save_facebook_access_token functions. This makes it possible for unauthenticated attackers to connect their facebook and instagram pages to the site via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2024-03-21 |
5.4 |
CVE-2024-1213
security@wordfence.com
security@wordfence.com |
sjaved -- easy_social_feed_-_social_photos_gallery_-_post_feed_-_like_box
|
The Easy Social Feed - Social Photos Gallery - Post Feed - Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.4. This is due to missing or incorrect nonce validation on the save_groups_list function. This makes it possible for unauthenticated attackers to disconnect a site's facebook or instagram page/group connection via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2024-03-21 |
4.3 |
CVE-2024-1214
security@wordfence.com
security@wordfence.com |
sonatype -- iq_server
|
Path Traversal in Sonatype IQ Server from version 143 allows remote authenticated attackers to overwrite or delete files via a specially crafted request. Version 171 fixes this issue. |
2024-03-21 |
5.4 |
CVE-2024-1142
103e4ec9-0a87-450b-af77-479448ddef11 |
sourcecodester -- complete_e-commerce_site
|
A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257544. |
2024-03-21 |
4.7 |
CVE-2024-2754
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
sourcecodester -- employee_task_management_system
|
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257053 was assigned to this vulnerability. |
2024-03-17 |
6.3 |
CVE-2024-2554
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
sourcecodester -- employee_task_management_system
|
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257054 is the identifier assigned to this vulnerability. |
2024-03-17 |
6.3 |
CVE-2024-2555
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
sourcecodester -- employee_task_management_system
|
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257055. |
2024-03-17 |
6.3 |
CVE-2024-2556
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
sourcecodester -- file_manager_app
|
A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257182 is the identifier assigned to this vulnerability. |
2024-03-18 |
6.3 |
CVE-2024-2604
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
sourcecodester -- online_discussion_forum_site
|
A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file /uupdate.php. The manipulation of the argument ima leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257388. |
2024-03-20 |
6.3 |
CVE-2024-2690
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
sourcecodester -- simple_file_manager
|
A vulnerability classified as critical was found in SourceCodester Simple File Manager 1.0. This vulnerability affects unknown code. The manipulation of the argument photo leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257770 is the identifier assigned to this vulnerability. |
2024-03-23 |
6.3 |
CVE-2024-2849
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
spring -- spring
|
Spring Authorization Server versions 1.0.0 - 1.0.5, 1.1.0 - 1.1.5, 1.2.0 - 1.2.2 and older unsupported versions are susceptible to a PKCE Downgrade Attack for Confidential Clients. Specifically, an application is vulnerable when a Confidential Client uses PKCE for the Authorization Code Grant. An application is not vulnerable when a Public Client uses PKCE for the Authorization Code Grant. |
2024-03-20 |
6.1 |
CVE-2024-22258
security@vmware.com |
supercleanse -- pretty_links_-_affiliate_links_link_branding_link_tracking_&_marketing_plugin
|
The Pretty Links - Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.3. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's configuration including stripe integration via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2024-03-23 |
4.3 |
CVE-2024-2326
security@wordfence.com
security@wordfence.com |
survey_maker_team -- survey_maker
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.This issue affects Survey Maker: from n/a through 4.0.5. |
2024-03-19 |
5.9 |
CVE-2024-27996
audit@patchstack.com |
tenda -- ac10u
|
A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257458 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-20 |
6.3 |
CVE-2024-2707
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
tenda -- ac15
|
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257667. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
6.3 |
CVE-2024-2812
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
tenda -- ac15
|
A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
4.3 |
CVE-2024-2816
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
tenda -- ac15
|
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257672. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-22 |
4.3 |
CVE-2024-2817
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
tenda -- ac18
|
A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-17 |
4.3 |
CVE-2024-2559
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
tenda -- ac18
|
A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257059. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
2024-03-17 |
4.3 |
CVE-2024-2560
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com |
themefic -- tourfic
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic allows Stored XSS.This issue affects Tourfic: from n/a through 2.11.8. |
2024-03-19 |
6.5 |
CVE-2024-29134
audit@patchstack.com |
themegrill -- colormag
|
The ColorMag theme for WordPress is vulnerable to Stored Cross-Site Scripting via a user's Display Name in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authentciated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-22 |
6.4 |
CVE-2024-2500
security@wordfence.com
security@wordfence.com
security@wordfence.com |
themelocation -- custom_woocommerce_checkout_fields_editor
|
The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the save_wcfe_options function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-23 |
6.4 |
CVE-2024-1697
security@wordfence.com
security@wordfence.com
security@wordfence.com |
themeum -- tutor_lms_-_elearning_and_online_course_solution
|
The Tutor LMS - eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutor_delete_announcement() function in all versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts. |
2024-03-21 |
5.4 |
CVE-2024-1502
security@wordfence.com
security@wordfence.com |
themeum -- tutor_lms_-_elearning_and_online_course_solution
|
The Tutor LMS - eLearning and online course solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.1. This is due to missing or incorrect nonce validation on the erase_tutor_data() function. This makes it possible for unauthenticated attackers to deactivate the plugin and erase all data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This requires the "Erase upon uninstallation" option to be enabled. |
2024-03-21 |
4.3 |
CVE-2024-1503
security@wordfence.com
security@wordfence.com |
timersys -- wp_popups
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timersys WP Popups allows Stored XSS.This issue affects WP Popups: from n/a through 2.1.5.5. |
2024-03-19 |
5.9 |
CVE-2024-29105
audit@patchstack.com |
tobias_conrad -- builder_for_woocommerce_reviews_shortcodes_-_reviewshort
|
Cross-Site Request Forgery (CSRF) vulnerability in Tobias Conrad Builder for WooCommerce reviews shortcodes - ReviewShort.This issue affects Builder for WooCommerce reviews shortcodes - ReviewShort: from n/a through 1.01.3. |
2024-03-19 |
4.3 |
CVE-2024-29093
audit@patchstack.com |
visualcomposer -- visual_composer_website_builder
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visualcomposer Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.6.0. |
2024-03-19 |
5.9 |
CVE-2024-27997
audit@patchstack.com |
w3_eden_inc -- download_manager
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Download Manager allows Stored XSS.This issue affects Download Manager: from n/a through 3.2.84. |
2024-03-19 |
6.5 |
CVE-2024-29114
audit@patchstack.com |
webtoffee -- woocommerce_pdf_invoices_packing_slips_delivery_notes_and_shipping_labels
|
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Customer Notes field in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected invoice for printing. |
2024-03-22 |
6.1 |
CVE-2024-0957
security@wordfence.com
security@wordfence.com |
webvitaly -- sitekit
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webvitaly Sitekit allows Stored XSS.This issue affects Sitekit: from n/a through 1.6. |
2024-03-19 |
6.5 |
CVE-2024-29111
audit@patchstack.com |
wp_marketing_robot -- woocommerce_google_feed_manager
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Marketing Robot WooCommerce Google Feed Manager allows Stored XSS.This issue affects WooCommerce Google Feed Manager: from n/a through 2.2.0. |
2024-03-19 |
5.9 |
CVE-2024-29112
audit@patchstack.com |
wpbits -- wpbits_addons_for_elementor_page_builder
|
The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's heading widget in all versions up to, and including, 1.3.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-2129
security@wordfence.com
security@wordfence.com |
wpcoder -- wp_coder
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5. |
2024-03-21 |
5.9 |
CVE-2024-2578
audit@patchstack.com |
wpdevteam -- embedpress_-_embed_pdf_google_docs_vimeo_wistia_embed_youtube_videos_audios_maps_&_embed_any_documents_in_gutenberg_&_elemento
|
The EmbedPress - Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the EmbedPress document widget in all versions up to, and including, 3.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-23 |
5.4 |
CVE-2024-2688
security@wordfence.com
security@wordfence.com |
wpdevteam -- embedpress_-_embed_pdf_google_docs_vimeo_wistia_embed_youtube_videos_audios_maps_&_embed_any_documents_in_gutenberg_&_elementor
|
The EmbedPress - Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the EmbedPress widget 'embedpress_pro_twitch_theme ' attribute in all versions up to, and including, 3.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-23 |
6.4 |
CVE-2024-2468
security@wordfence.com
security@wordfence.com |
wpdevteam -- essential_blocks_-_page_builder_gutenberg_blocks-patterns_&_templates
|
The Essential Blocks - Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 4.5.2 due to insufficient input sanitization and output escaping on user supplied attributes such as listStyle. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
2024-03-20 |
6.4 |
CVE-2024-2255
security@wordfence.com
security@wordfence.com
security@wordfence.com |
wpfunnels_team -- wpfunnels
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels Team WPFunnels allows Stored XSS.This issue affects WPFunnels: from n/a through 3.0.6. |
2024-03-21 |
5.9 |
CVE-2024-27965
audit@patchstack.com |
wpvibes -- elementor_addon_elements
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.12.10. |
2024-03-19 |
6.5 |
CVE-2024-29107
audit@patchstack.com |
zaytech -- smart_online_order_for_clover
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zaytech Smart Online Order for Clover allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through 1.5.5. |
2024-03-19 |
6.5 |
CVE-2024-29115
audit@patchstack.com |
zimma_ltd. -- ticket_tailor
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zimma Ltd. Ticket Tailor allows Stored XSS.This issue affects Ticket Tailor: from n/a through 1.10. |
2024-03-19 |
6.5 |
CVE-2024-29104
audit@patchstack.com |
zulip -- zulip
|
Zulip is an open-source team collaboration. When a user moves a Zulip message, they have the option to move all messages in the topic, move only subsequent messages as well, or move just a single message. If the user chose to just move one message, and was moving it from a public stream to a private stream, Zulip would successfully move the message, -- but active users who did not have access to the private stream, but whose client had already received the message, would continue to see the message in the public stream until they reloaded their client. Additionally, Zulip did not remove view permissions on the message from recently-active users, allowing the message to show up in the "All messages" view or in search results, but not in "Inbox" or "Recent conversations" views. While the bug has been present since moving messages between streams was first introduced in version 3.0, this option became much more common starting in Zulip 8.0, when the default option in the picker for moving the very last message in a conversation was changed. This issue is fixed in Zulip Server 8.3. No known workarounds are available. |
2024-03-20 |
6.5 |
CVE-2024-27286
security-advisories@github.com
security-advisories@github.com |