WooODT Lite – WooCommerce Order Delivery Or Pickup With Date Time Location Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

CVE-2024-4627

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin...

CVE-2024-4627

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin...

CVE-2024-1427

The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user...

CVE-2024-1427

The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user...

CVE-2024-4627 Rank Math SEO < 1.0.219 - Authenticated Stored XSS

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin...

CVE-2024-1427 The Post Grid <= 7.7.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via section title tag

The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user...

CVE-2024-5349

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

CVE-2024-5349

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny

Meta's decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused the social media behemoth of breaching the bloc's competition rules by forcing users to choose between seeing ads or paying to avoid them. The European Commission said the....

Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware

A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated,...

Exploit for CVE-2024-27292

CVE-2024-27292 : Docassemble V1.4.96 Unauthenticated Path...

CVE-2024-5349 LA-Studio Element Kit for Elementor <= 1.3.8.1 - Authenticated (Contributor+) Local File Inclusion

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights

An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data. The unnamed 42-year-old "allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from...

CVE-2024-5419

The Void Contact Form 7 Widget For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cf7_redirect_page' attribute within the plugin's Void Contact From 7 widget in all versions up to, and including, 2.4 due to insufficient input sanitization and...

CVE-2024-5419

The Void Contact Form 7 Widget For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cf7_redirect_page' attribute within the plugin's Void Contact From 7 widget in all versions up to, and including, 2.4 due to insufficient input sanitization and...

Exploit for CVE-2024-6387

SSH Vulnerability Scanner The SSH Vulnerability Scanner is a...

CVE-2024-5419 Void Contact Form 7 Widget For Elementor Page Builder <= 2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via cf7_redirect_page Attribute

The Void Contact Form 7 Widget For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cf7_redirect_page' attribute within the plugin's Void Contact From 7 widget in all versions up to, and including, 2.4 due to insufficient input sanitization and...

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2021-28543 affecting package varnish-modules 0.16.0-4

CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never...

CVE-2019-12280 affecting package toolbox 0.0.18-9

CVE-2019-12280 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never...

CVE-1999-1090 affecting package telnet 0.17-81

CVE-1999-1090 affecting package telnet 0.17-81. This CVE either no longer is or was never...

CVE-2021-21704 affecting package php 7.4.14-3

CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2007-3205 affecting package php 7.4.14-3

CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2021-3571 affecting package linuxptp 2.0-8

CVE-2021-3571 affecting package linuxptp 2.0-8. This CVE either no longer is or was never...

CVE-2017-1000231 affecting package ldns 1.7.0-31

CVE-2017-1000231 affecting package ldns 1.7.0-31. This CVE either no longer is or was never...

CVE-2022-28506 affecting package giflib 5.2.1-5

CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...

CVE-2020-7071 affecting package php 7.4.14-3

CVE-2020-7071 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2020-8908 affecting package guava 25.0-5

CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...

CVE-2022-31626 affecting package php 7.4.14-3

CVE-2022-31626 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2007-1397 affecting package fish 3.1.2-4

CVE-2007-1397 affecting package fish 3.1.2-4. This CVE either no longer is or was never...

CVE-2020-25207 affecting package toolbox 0.0.18-9

CVE-2020-25207 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never...

CVE-2021-21705 affecting package php 7.4.14-3

CVE-2021-21705 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2021-21703 affecting package php 7.4.14-3

CVE-2021-21703 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2020-27827 affecting package lldpd 1.0.4-3

CVE-2020-27827 affecting package lldpd 1.0.4-3. This CVE either no longer is or was never...

CVE-2021-3634 affecting package libssh 0.9.5-2

CVE-2021-3634 affecting package libssh 0.9.5-2. This CVE either no longer is or was never...

CVE-2019-16707 affecting package hunspell 1.7.0-7

CVE-2019-16707 affecting package hunspell 1.7.0-7. This CVE either no longer is or was never...

CVE-2019-18368 affecting package toolbox 0.0.18-9

CVE-2019-18368 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never...

CVE-2021-21707 affecting package php 7.4.14-3

CVE-2021-21707 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2018-7263 affecting package libmad 0.15.1b-30

CVE-2018-7263 affecting package libmad 0.15.1b-30. This CVE either no longer is or was never...

CVE-2017-1000232 affecting package ldns 1.7.0-31

CVE-2017-1000232 affecting package ldns 1.7.0-31. This CVE either no longer is or was never...

CVE-2013-7381 affecting package libnotify 0.7.9-4

CVE-2013-7381 affecting package libnotify 0.7.9-4. This CVE either no longer is or was never...

CVE-2010-4756 affecting package glibc 2.35-7

CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...

CVE-2010-4226 affecting package cpio 2.13-5

CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...

CVE-2022-20001 affecting package fish 3.1.2-4

CVE-2022-20001 affecting package fish 3.1.2-4. This CVE either no longer is or was never...

CVE-2021-3716 affecting package nbdkit 1.20.7-5

CVE-2021-3716 affecting package nbdkit 1.20.7-5. This CVE either no longer is or was never...

CVE-2020-25013 affecting package toolbox 0.0.18-9

CVE-2020-25013 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never...

CVE-2022-31625 affecting package php 7.4.14-3

CVE-2022-31625 affecting package php 7.4.14-3. This CVE either no longer is or was never...