Album And Image Gallery With Lightbox – Flagallery Photo Portfolio Security Vulnerabilities

[cve] CVE-2024-1134

The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | AI Score 6.2 | EPSS 0.0004 | 2024-05-24 06:15 AM

[cvelist] CVE-2024-36361

Pug through 3.0.2 allows JavaScript code execution if an application accepts untrusted input for the name option of the compileClient, compileFileClient, or compileClientWithDependenciesTracked function. NOTE: these functions are for compiling Pug templates into JavaScript, and there would...

AI Score 7.5 | 2024-05-24 06:04 AM

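As an added illustration of the Pug entry above (example code written for this page, not Pug's source and not a proof of concept for CVE-2024-36361): the client compilers named in the description emit JavaScript in which the compiled template is wrapped in a function whose name is taken from the `name` option, so a caller that forwards untrusted input into `name` lets that input change the structure of the generated source rather than just the function's name. The guard below rejects anything that is not a plain identifier before the option is passed on. The `generatedHeader` helper is an assumed sketch of the wrapper's outer shape, `fakeCompileClient` stands in for `pug.compileClient` so the file runs without the package, and `INJECTED_NAME` is a constructed value.

```javascript
'use strict';

// Added example (not Pug's source, not a PoC for CVE-2024-36361).
// Assumed sketch of the outer shape of what compileClient and friends emit:
// the compiled template body lives inside a function named by `name`.
function generatedHeader(name) {
  return `function ${name}(locals) {`;
}

// A template name must be a plain identifier; anything else alters the
// structure of the emitted source instead of just naming the function.
const IDENTIFIER = /^[A-Za-z_$][A-Za-z0-9_$]*$/;

// Valid identifiers that still cannot be used as a function name.
const RESERVED = new Set([
  'await', 'break', 'case', 'catch', 'class', 'const', 'continue', 'debugger',
  'default', 'delete', 'do', 'else', 'enum', 'export', 'extends', 'false',
  'finally', 'for', 'function', 'if', 'import', 'in', 'instanceof', 'let',
  'new', 'null', 'return', 'static', 'super', 'switch', 'this', 'throw',
  'true', 'try', 'typeof', 'var', 'void', 'while', 'with', 'yield',
]);

function isSafeTemplateName(name) {
  return typeof name === 'string' && IDENTIFIER.test(name) && !RESERVED.has(name);
}

// Rough count of top-level statements in the emitted header: a safe name
// yields one function declaration, an unsafe one smuggles extra code in.
function statementCount(source) {
  return source.split(';').filter((s) => s.trim().length > 0).length;
}

// What an application should call instead of forwarding request data into
// pug.compileClient(src, { name }). The compiler is passed in so this file
// runs without the pug package; in real code hand it pug.compileClient.
function compileClientSafely(compileClient, src, name) {
  if (!isSafeTemplateName(name)) {
    throw new Error(`refusing unsafe template name ${JSON.stringify(name)}`);
  }
  return compileClient(src, { name });
}

// Constructed input of the kind a request parameter could carry if an app
// let its callers choose the template name.
const INJECTED_NAME = 'tpl(){}; sideEffect(); function tpl2';

// Stand-in for pug.compileClient that only emits the outer wrapper.
function fakeCompileClient(src, opts) {
  return `${generatedHeader(opts.name)} /* ${src.length} bytes of template */ }`;
}

function demo() {
  const out = {
    goodHeader: compileClientSafely(fakeCompileClient, 'p= locals.msg', 'tpl'),
    goodStatements: statementCount(generatedHeader('tpl')),
    badStatements: statementCount(generatedHeader(INJECTED_NAME)),
  };
  try {
    compileClientSafely(fakeCompileClient, 'p= locals.msg', INJECTED_NAME);
    out.rejected = false;
  } catch (err) {
    out.rejected = true;
  }
  return out;
}

console.log(demo());
```

The allow-list is the whole fix: a deny-list of characters such as `(` or `;` would miss Unicode escapes and line terminators that are equally valid inside generated source.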
[pentestpartners] UK PSTI? You’ll need a Vulnerability Disclosure Program!

If you are distributing or selling smart devices into the UK market, your products will need to be compliant with the UK Product Security and Telecommunications Act. One of the three mandatory areas is that you have a vulnerability disclosure program (VDP). In the supporting materials for the Act,...

AI Score 7.4 | 2024-05-24 05:52 AM

[veracode] Cross-Site Scripting

shopware/shopware is vulnerable to Cross-Site Scripting. The vulnerability is due to inadequate input sanitization in the frontend, which allows an attacker to inject and execute malicious scripts in the context of a victim’s web...

AI Score 7 | 2024-05-24 05:42 AM

[cvelist] CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection

The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the check_nonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...

AI Score 7.6 | EPSS 0.001 | 2024-05-24 05:30 AM

[cvelist] CVE-2024-1134 SEOPress – On-site SEO <= 7.5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for...

AI Score 6.1 | EPSS 0.0004 | 2024-05-24 05:30 AM

[cvelist] CVE-2024-3718 The Plus Addons for Elementor <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Progress Bar, Header Meta Content, Scroll Navigation, Pricing Table, & Flip Box

The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's widgets in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

AI Score 6 | EPSS 0.001 | 2024-05-24 05:30 AM

[veracode] Cross-Site Scripting (XSS)

umbracocms is vulnerable to stored Cross-site Scripting (XSS). The vulnerability is due to the lack of input sanitization, allowing attackers with access to the backoffice to inject malicious content into a website or...

AI Score 6.4 | EPSS 0.0004 | 2024-05-24 05:26 AM

[cve] CVE-2024-2618

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the size attribute in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4 | AI Score 6.2 | EPSS 0.001 | 2024-05-24 05:15 AM

[cve] CVE-2024-2784

The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Hover Card widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVSS 6.4 | AI Score 6.1 | EPSS 0.0004 | 2024-05-24 05:15 AM

[cve] CVE-2024-3557

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up to, and including, 9.0.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

CVSS 6.4 | AI Score 6.1 | EPSS 0.0004 | 2024-05-24 05:15 AM

[openbugbounty] vodafone.motion-tm.de Cross Site Scripting vulnerability OBB-3930078

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 05:14 AM

[cvelist] CVE-2024-3557 WP Go Maps (formerly WP Google Maps) <= 9.0.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up to, and including, 9.0.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

AI Score 5.8 | EPSS 0.0004 | 2024-05-24 04:29 AM

[cvelist] CVE-2024-2784 The Plus Addons for Elementor <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Hover Card

The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Hover Card widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

AI Score 5.9 | EPSS 0.0004 | 2024-05-24 04:29 AM

[cvelist] CVE-2024-2618 Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the size attribute in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

AI Score 6 | EPSS 0.001 | 2024-05-24 04:29 AM

[cve] CVE-2024-4544

The Pie Register - Social Sites Login (Add on) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.7. This is due to insufficient verification of the user being supplied during a social login through the plugin. This makes it possible for...

CVSS 9.8 | AI Score 7.2 | EPSS 0.001 | 2024-05-24 04:15 AM

[cvelist] CVE-2024-4544 Pie Register - Social Sites Login (Add on) <= 1.7.7 - Authentication Bypass

The Pie Register - Social Sites Login (Add on) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.7. This is due to insufficient verification of the user being supplied during a social login through the plugin. This makes it possible for...

AI Score 7.2 | EPSS 0.001 | 2024-05-24 03:30 AM

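An added example of the bug class in the Pie Register entry above (written for this page, not the plugin's code; the page does not say which check the plugin skipped, so the example shows the general defence): a social-login callback that looks up the local account from identity fields posted by the browser, next to one that obtains the identity from the provider using the access token and matches on the provider's stable user ID. The users table, the `acme` provider, its tokens and the `providerUserinfo` stub are all constructed.

```javascript
'use strict';

// Added example (not Pie Register code). Constructed local user table.
const USERS = [
  { id: 1, email: 'admin@example.invalid', role: 'administrator', social: { acme: 'acme-sub-111' } },
  { id: 2, email: 'alice@example.invalid', role: 'subscriber', social: { acme: 'acme-sub-222' } },
];

// Constructed stand-in for an OAuth provider's userinfo endpoint: only tokens
// the provider issued resolve to a profile, and `sub` is its stable user ID.
const PROVIDER_TOKENS = new Map([
  ['tok-alice', { sub: 'acme-sub-222', email: 'alice@example.invalid', email_verified: true }],
]);

function providerUserinfo(accessToken) {
  return PROVIDER_TOKENS.get(accessToken) || null;
}

// Vulnerable callback: the identity comes from the request body, so anyone
// who knows the administrator's email address is logged in as that user.
function socialLoginUnsafe(body) {
  const user = USERS.find((u) => u.email === body.email);
  return user ? { userId: user.id, role: user.role } : null;
}

// Hardened callback: the server asks the provider who the token belongs to
// and matches on (provider, sub). Email is consulted only when the provider
// vouches for it, which is the fallback a first-time login would rely on.
function socialLoginSafe(body) {
  if (typeof body.access_token !== 'string' || typeof body.provider !== 'string') return null;
  const info = providerUserinfo(body.access_token);
  if (!info || typeof info.sub !== 'string') return null;

  let user = USERS.find((u) => u.social[body.provider] === info.sub);
  if (!user && info.email_verified === true) {
    user = USERS.find((u) => u.email === info.email);
  }
  return user ? { userId: user.id, role: user.role } : null;
}

// Constructed requests: a forged one naming the admin's email, a genuine one
// carrying Alice's token, and a mixed one that still only proves Alice.
function demo() {
  const forged = { provider: 'acme', email: 'admin@example.invalid' };
  const genuine = { provider: 'acme', access_token: 'tok-alice' };
  const forgedWithToken = { provider: 'acme', access_token: 'tok-alice', email: 'admin@example.invalid' };
  return {
    unsafeForged: socialLoginUnsafe(forged),
    safeForged: socialLoginSafe(forged),
    safeGenuine: socialLoginSafe(genuine),
    safeForgedWithToken: socialLoginSafe(forgedWithToken),
  };
}

console.log(demo());
```

Matching on `sub` rather than email also closes the variant where a provider lets a user register with an unverified address that belongs to someone else on the site.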
[cve] CVE-2024-4409

The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's settings via a...

CVSS 4.3 | AI Score 6.7 | EPSS 0.0005 | 2024-05-24 03:15 AM

[cve] CVE-2024-5205

The Videojs HTML5 Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videojs_video shortcode in all versions up to, and including, 1.1.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 | AI Score 6.1 | EPSS 0.001 | 2024-05-24 03:15 AM

[cvelist] CVE-2024-5205 Videojs HTML5 Player <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via videojs_video Shortcode

The Videojs HTML5 Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videojs_video shortcode in all versions up to, and including, 1.1.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

AI Score 5.8 | EPSS 0.001 | 2024-05-24 03:07 AM

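An added example for the Contributor+ stored XSS entries on this page (WP Go Maps, Videojs HTML5 Player, The Plus Addons, Elementor Header & Footer Builder and SEOPress all describe the same defect). It is written in JavaScript for this page and is not code from any of those plugins, whose handlers are PHP: a shortcode attribute that a Contributor can write is copied into markup without escaping, so a value that closes the quoted attribute adds an event handler to the tag. `SAMPLE_POST` is constructed; the three checks in the hardened renderer are the JavaScript counterparts of what a WordPress handler would do with esc_attr(), esc_url() and absint().

```javascript
'use strict';

// Added example (not code from any listed plugin). Constructed post content:
// the attacker controls src and uses the single-quoted form so the value may
// itself contain double quotes.
const SAMPLE_POST =
  `[videojs_video src='https://example.invalid/a.mp4" onmouseover="alert(1)' width="640"]`;

// Minimal [tag key="value" key='value'] parser; enough to make the point.
const SHORTCODE = /\[(\w+)((?:\s+\w+=(?:"[^"]*"|'[^']*'))*)\s*\]/;
const ATTR = /(\w+)=(?:"([^"]*)"|'([^']*)')/g;

function parseShortcode(text) {
  const m = SHORTCODE.exec(text);
  if (!m) return null;
  const atts = {};
  for (const [, key, dq, sq] of m[2].matchAll(ATTR)) atts[key] = dq !== undefined ? dq : sq;
  return { tag: m[1], atts };
}

// Vulnerable renderer: attribute values go into the markup as received.
function renderUnsafe({ atts }) {
  const { src = '', width = '' } = atts;
  return `<video src="${src}" width="${width}" controls></video>`;
}

// HTML attribute escaping (esc_attr in WordPress terms).
function escAttr(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#039;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Only http(s) URLs survive; javascript: and unparsable values become empty
// (the esc_url role).
function safeUrl(value) {
  try {
    const u = new URL(String(value));
    return u.protocol === 'http:' || u.protocol === 'https:' ? u.href : '';
  } catch {
    return '';
  }
}

// Positive integer or nothing (the absint role).
function absint(value) {
  const n = Number.parseInt(value, 10);
  return Number.isInteger(n) && n > 0 ? n : 0;
}

// Hardened renderer: validate each attribute by type, then escape at output.
function renderSafe({ atts }) {
  const src = safeUrl(atts.src);
  const width = absint(atts.width);
  const widthAttr = width ? ` width="${width}"` : '';
  return `<video src="${escAttr(src)}"${widthAttr} controls></video>`;
}

// Review check: does the markup contain an inline event handler attribute?
function hasInlineHandler(html) {
  return /\son[a-z]+\s*=/i.test(html);
}

function demo(post = SAMPLE_POST) {
  const sc = parseShortcode(post);
  const unsafe = renderUnsafe(sc);
  const safe = renderSafe(sc);
  return {
    unsafe,
    safe,
    unsafeHasHandler: hasInlineHandler(unsafe),
    safeHasHandler: hasInlineHandler(safe),
  };
}

console.log(demo());
```

The URL check alone is not the fix: a value such as `https://example.invalid/a.mp4" onmouseover="alert(1)` still parses, and it is the combination of percent-encoding by the URL parser and attribute escaping at output that keeps the quote from closing the attribute.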
[openbugbounty] onlineregister.com Cross Site Scripting vulnerability OBB-3930077

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 02:48 AM

[cvelist] CVE-2024-4409 WP-ViperGB <= 1.6.1 - Cross-Site Request Forgery

The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's settings via a...

AI Score 6.7 | EPSS 0.0005 | 2024-05-24 02:31 AM

[openbugbounty] gotolouisville.com Cross Site Scripting vulnerability OBB-3930074

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 02:15 AM

[openbugbounty] rockerek.hu Cross Site Scripting vulnerability OBB-3930073

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 02:08 AM

[openbugbounty] jets.ru Cross Site Scripting vulnerability OBB-3930072

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 02:03 AM

[openbugbounty] premierwardrobes.ie Cross Site Scripting vulnerability OBB-3930069

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 01:37 AM

[openbugbounty] tiptop.ie Cross Site Scripting vulnerability OBB-3930068

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 01:30 AM

[fedora] [SECURITY] Fedora 39 Update: libreoffice-7.6.7.2-1.fc39

LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. ...

AI Score 6.8 | EPSS 0.0004 | 2024-05-24 01:04 AM

[fedora] [SECURITY] Fedora 39 Update: thunderbird-115.11.0-1.fc39

Mozilla Thunderbird is a standalone mail and newsgroup...

AI Score 7.3 | 2024-05-24 01:04 AM

[openbugbounty] kapiticars.co.nz Cross Site Scripting vulnerability OBB-3930065

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 12:24 AM

[openbugbounty] hollenberg-haltern.de Cross Site Scripting vulnerability OBB-3930064

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score 6.2 | 2024-05-24 12:01 AM

[ubuntucve] CVE-2024-28188

Jupyter Scheduler is a collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users may be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...

AI Score 7.2 | EPSS 0.0004 | 2024-05-24 12:00 AM

[nessus] Intel Media SDK Multiple Vulnerabilities (INTEL-SA-00935)

The version of Intel Media SDK installed on the remote host is affected by multiple vulnerabilities: Improper input validation in Intel Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access. (CVE-2023-48368) Improper buffer...

AI Score 7.8 | 2024-05-24 12:00 AM

[nessus] Aqua Security Trivy < 0.51.2 Credential Leak (GHSA-xcq4-m2r3-cmrj)

The version of Aqua Security Trivy installed on the remote host is prior to 0.51.2. It is, therefore, affected by a vulnerability as referenced in the GHSA-xcq4-m2r3-cmrj advisory. If a malicious actor is able to trigger Trivy to scan container images from a crafted malicious registry, it...

AI Score 7.1 | 2024-05-24 12:00 AM

[nessus] Oracle Linux 9 : tomcat (ELSA-2024-3307)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3307 advisory. [1:9.0.87-1.el9_4.1] - Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with...

AI Score 7.4 | 2024-05-24 12:00 AM

[nessus] SUSE SLES15 / openSUSE 15 Security Update : postgresql14 (SUSE-SU-2024:1768-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1768-1 advisory. PostgreSQL upgrade to version 14.12 (bsc#1224051): - CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and...

AI Score 7.4 | 2024-05-24 12:00 AM

[nessus] SUSE SLES15 / openSUSE 15 Security Update : python-sqlparse (SUSE-SU-2024:1767-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1767-1 advisory. - CVE-2024-4340: Catch RecursionError to avoid a denial of service. (bsc#1223603) Tenable has extracted the preceding...

AI Score 7.3 | 2024-05-24 12:00 AM

[nessus] Debian dsa-5697 : chromium - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5697 advisory. Debian Security Advisory DSA-5697-1 [email protected] ...

AI Score 7.2 | 2024-05-24 12:00 AM

[nessus] Ivanti Policy Secure 22.x XSS Vulnerability

The Ivanti Policy Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a CRLF vulnerability. This vulnerability allows an authenticated high-privileged user to inject malicious code on a victim’s browser, thereby leading to cross-site scripting attack. Note that...

AI Score 6.5 | 2024-05-24 12:00 AM

[nessus] ManageEngine ServiceDesk Plus MSP < 14.7 Build 14720

The version of ManageEngine ServiceDesk Plus MSP installed on the remote host is prior to 14.7 Build 14720. It is, therefore, affected by a vulnerability as referenced in the service-desk-msp_cve-2024-27314 advisory. A stored cross-site scripting (XSS) vulnerability allowed users with the SDAdmin...

AI Score 5.7 | 2024-05-24 12:00 AM

[nessus] Cisco Secure Email and Web Manager Multiple Vulnerabilities (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)

According to its self-reported version, Cisco Secure Email and Web Manager is affected by multiple vulnerabilities. A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email could allow an authenticated, remote attacker to conduct an XSS attack...

AI Score 7.3 | 2024-05-24 12:00 AM

[nessus] GitLab 11.11 < 16.10.6 / 16.11 < 16.11.3 / 17.0 < 17.0.1 (CVE-2024-5318)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user...

AI Score 7 | 2024-05-24 12:00 AM

[nessus] Foxit PDF Reader < 2024.2.2 Vulnerability

According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 2024.2.2. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's...

AI Score 7.3 | 2024-05-24 12:00 AM

[nessus] Oracle Linux 7 : libreoffice (ELSA-2024-3304)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3304 advisory. [1:5.3.6.1-26.0.1] - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in...

AI Score 7.1 | 2024-05-24 12:00 AM

[nessus] Cisco Secure Web Appliance XSS (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker...

AI Score 7 | 2024-05-24 12:00 AM

[nessus] Intel VTune Profiler Installed (Windows)

Intel VTune Profiler is installed on the remote Windows...

AI Score 7.4 | 2024-05-24 12:00 AM

[nessus] MongoDB 5.0.x < 5.0.25 / 6.0.x < 6.0.14 / 7.0.x < 7.0.6 Improper Input Validation (SERVER-85263)

The version of MongoDB installed on the remote host is prior to 5.0.25, 6.0.14, or 7.0.6. It is, therefore, affected by a vulnerability as referenced in the SERVER-85263 advisory. Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can...

AI Score 7.3 | 2024-05-24 12:00 AM

[ubuntucve] CVE-2024-4835

A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate sensitive user...

AI Score 6.1 | EPSS 0.0004 | 2024-05-24 12:00 AM

Total number of security vulnerabilities: 2644021