Import WP – Import And Export WordPress Data To XML Or CSV Files Security Vulnerabilities

CVE-2023-23914 affecting package cmake 3.21.4-3

CVE-2023-23914 affecting package cmake 3.21.4-3. This CVE either no longer is or was never...

CVE-2023-25193 affecting package mozjs60 60.9.0-13

CVE-2023-25193 affecting package mozjs60 60.9.0-13. This CVE either no longer is or was never...

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2022-4415 affecting package systemd 239-43

CVE-2022-4415 affecting package systemd 239-43. This CVE either no longer is or was never...

CVE-2022-3715 affecting package bash 4.4.23-1

CVE-2022-3715 affecting package bash 4.4.23-1. This CVE either no longer is or was never...

CVE-2022-38128 affecting package binutils 2.36.1-2

CVE-2022-38128 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2021-3996 affecting package util-linux 2.32.1-7

CVE-2021-3996 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...

CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13

CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13. This CVE either no longer is or was never...

CVE-2022-4450 affecting package rust 1.59.0-1

CVE-2022-4450 affecting package rust 1.59.0-1. This CVE either no longer is or was never...

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2020-2801 affecting package openjdk8 1.8.0.332-1

CVE-2020-2801 affecting package openjdk8 1.8.0.332-1. This CVE either no longer is or was never...

CVE-2022-38127 affecting package binutils 2.36.1-2

CVE-2022-38127 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2021-35938 affecting package rpm 4.14.2-15

CVE-2021-35938 affecting package rpm 4.14.2-15. This CVE either no longer is or was never...

CVE-2021-3997 affecting package systemd 239-42

CVE-2021-3997 affecting package systemd 239-42. This CVE either no longer is or was never...

CVE-2023-0215 affecting package rust 1.59.0-1

CVE-2023-0215 affecting package rust 1.59.0-1. This CVE either no longer is or was never...

CVE-2022-41724 affecting package gcc 9.1.0-7

CVE-2022-41724 affecting package gcc 9.1.0-7. This CVE either no longer is or was never...

CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7

CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7. This CVE either no longer is or was never...

CVE-2018-25078 affecting package man-db 2.8.4-5

CVE-2018-25078 affecting package man-db 2.8.4-5. This CVE either no longer is or was never...

CVE-2022-3515 affecting package gnupg2 2.2.20-4

CVE-2022-3515 affecting package gnupg2 2.2.20-4. This CVE either no longer is or was never...

CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4

CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4. This CVE either no longer is or was never...

CVE-2021-3672 affecting package pgbouncer 1.16.1-1

CVE-2021-3672 affecting package pgbouncer 1.16.1-1. This CVE either no longer is or was never...

CVE-2021-3995 affecting package util-linux 2.32.1-7

CVE-2021-3995 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...

CVE-2023-25136 affecting package openssh 8.9p1-3

CVE-2023-25136 affecting package openssh 8.9p1-3. This CVE either no longer is or was never...

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15. A patched version of the package is...

CVE-2024-6405

The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...

CVE-2024-6405

The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...

CVE-2024-6405 Floating Social Buttons <= 1.5 - Cross-Site Request Forgery

The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...

Polyfill.io Supply Chain Attack

The polyfill.js is a popular open-source library that supports older browsers. Thousands of sites embed it using the cdn[.]polyfill[.]io domain. In February 2024, a Chinese company (Funnull) bought the domain and the GitHub account. The company has modified Polyfill.js so malicious code would be...

bartlettltd.co.uk Cross Site Scripting vulnerability OBB-3939500

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-28795

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2023-50952

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31898

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-28794

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-28797

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-28798

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2023-35022

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-35119

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2023-50964

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2023-50953

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31902

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2023-50954

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2019-25211

parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/ is allowed when the intention is that only https://example.com/ should be allowed, and http://localhost.example.com/ is allowed when the intention is.....

CVE-2019-25211

parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/ is allowed when the intention is that only https://example.com/ should be allowed, and http://localhost.example.com/ is allowed when the intention is.....

Exploit for CVE-2024-34102

🚨 CVE-2024-34102 Exploit Script 🚨 Description This...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2024-31902)

Summary A cross-site request forgery vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-31902 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and.....

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Oracle MySQL Connectors (CVE-2023-22102)

Summary A vulnerability in Oracle MySQL Connectors used by InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-22102 DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause.....

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Open Container Initiative runc

Summary Multiple vulnerabilities in Open Container Initiative runc used by IBM InfoSphere Information Server were addressed. Vulnerability Details ** CVEID: CVE-2024-21626 DESCRIPTION: **Open Container Initiative runc could allow a remote attacker to bypass security restrictions, caused by an...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-50964)

Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-50964 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...

Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting (CVE-2024-35153)

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the administrative console. Vulnerability Details ** CVEID: CVE-2024-35153 DESCRIPTION: **IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed...

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to improper error handling (CVE-2023-50953)

Summary An improper error handling vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-50953 DESCRIPTION: **IBM InfoSphere Information Server could allow a remote attacker to obtain sensitive information when a detailed technical error...