JetBackup – WP Backup, Migrate & Restore Security Vulnerabilities

CVE-2023-38395

Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through...

CVE-2023-38395

Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through...

Exploit for CVE-2024-4898

CVE-2024-4898-Poc CVE-2024-4898 InstaWP Connect – 1-click WP...

CVE-2023-44234 WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through...

CVE-2023-44234 WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through...

CVE-2023-38395 WordPress WP Clone Menu plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through...

Exploit for CVE-2024-3922

CVE-2024-3922-Poc Dokan Pro &lt;= 3.10.3 - Unauthenticated...

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-21085 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM...

CVE-2023-52747

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1983-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

Unbreakable Enterprise kernel security update

[5.15.0-207.156.6] - uek-container: Add advanced routing options (Boris Ostrovsky) [Orabug: 36691279] - slub: use count_partial_free_approx() in slab_out_of_memory() (Jianfeng Wang) [Orabug: 36655468] - slub: introduce count_partial_free_approx() (Jianfeng Wang) [Orabug: 36655468] - Revert...

FreeBSD : plasma[56]-plasma-workspace -- Unauthorized users can access session manager (479df73e-2838-11ef-9cab-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 479df73e-2838-11ef-9cab-4ccc6adda413 advisory. David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via...

WP Time Slots Booking Form < 1.2.12 - Missing Authorization

Description The WP Time Slots Booking Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the data_management() function in versions up to, and including, 1.2.11. This makes it possible for unauthenticated attackers to view slot...

WP Visitors Tracker < 2.4 - Reflected Cross-Site Scripting

Description The WP Visitors Tracker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

WP Time Slots Booking Form < 1.2.11 - Unauthenticated Stored Cross-Site Scripting

Description The WP Time Slots Booking Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts....

Backup Failing With `Too many snapshots` When Using Longhorn as a Storage Provisioner

Veeam Support Knowledge Base answer to: Backup Failing With Too many snapshots When Using Longhorn as a Storage...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1979-1 advisory. The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

Patch Tuesday, June 2024 “Recall” Edition

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond's flagship operating system.....

Microsoft and Adobe Patch Tuesday, June 2024 Security Update Review

Microsoft's June Patch Tuesday is here, bringing fixes for vulnerabilities impacting its multiple products. This month's release highlights the ongoing battle against cybersecurity threats, from critical updates to important fixes. Let's dive into the crucial insights from Microsoft's Patch...

CVE-2024-34758

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through...

CVE-2024-34758

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through...

CVE-2023-48273

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through...

CVE-2023-48273

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through...

CVE-2023-48273 WordPress Preloader for Website plugin <= 1.2.2 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through...

CVE-2023-48273 WordPress Preloader for Website plugin <= 1.2.2 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through...

CVE-2023-51682

Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through...

CVE-2023-51682

Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through...

CVE-2024-34758 WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through...

CVE-2024-34758 WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through...

10 years of the GitHub Security Bug Bounty Program

Each year, we celebrate the GitHub Security Bug Bounty program, highlighting impressive bugs and researchers, rewards, live hacking events, and more. This year, we celebrate a new milestone: 10 years of the GitHub Security Bug Bounty program! While we've had some exciting growth over the last 10...

CVE-2023-51682 WordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through...

CVE-2023-51682 WordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through...

CVE-2024-35663

Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through...

CVE-2024-35663

Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through...

CVE-2024-35667

Missing Authorization vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through...

CVE-2024-35667

Missing Authorization vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through...

CVE-2024-35168

Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through...

CVE-2024-35168

Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through...

CVE-2024-21754

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-23111

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-21754

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-23111

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-35168 WordPress WP Discourse plugin <= 2.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through...

CVE-2024-35168 WordPress WP Discourse plugin <= 2.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through...

CVE-2024-21754

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-21754

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-23111

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-23111

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged.....

CVE-2024-35663 WordPress WP Translate plugin <= 5.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through...

CVE-2023-52183

Missing Authorization vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through...