WordPress Lucas String Replace Plugin <= 2.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Lucas String Replace Type Plugin Vulnerable versions = 2.0.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8734 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d57e73116724 Credits vgo0 Required...

WordPress plugin Lucas String Replace 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

PT-2025-2814

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74 Description: A vulnerability has been resolved in the Linux kernel, specifically in the btrfs module. The issue is related to a possible recursive locking detected when running fstests btrfs/011 with MKFS...

PT-2024-6520 · D Link · D-Link Dns-320

Name of the Vulnerable Software and Affected Versions: D-Link DNS-320 version 2.02b01 Description: The issue is related to the disclosure of information in the /cgi-bin/discovery.cgi file of the Web Management Interface component in the D-Link DNS-320 router's firmware. This can be exploited...

CVE-2024-8212 D-Link DNS-1550-04 hd_config.cgi cgi_FMT_R12R5_2nd_DiskMGR command injection

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been rated as critical. This issue...

`cw0` is unmaintained

The crate cw0 was first renamed to utils in 2021 and then to cw-utils because utils was already claimed on crates.io. The crate cw0 is not maintained anymore since then and should be replaced with cw-utils...

PT-2024-38819 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 Description: A...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

CVE-2024-39636

Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue affects Better Find and Replace: from n/a through 1.6.1...

CVE-2024-39636 WordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue affects Better Find and Replace: from n/a through 1.6.1...

CVE-2024-39636

CVE-2024-39636 affects CodeSolz Better Find and Replace (WordPress plugin) up to version 1.6.1. The issue is Deserialization of Untrusted Data leading to PHP Object Injection. Patch 1.6.2 fixes this; upgrade to 1.6.2 or later. The vulnerability has been documented across multiple sources (CVE, pa...

CVE-2024-39636 WordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue affects Better Find and Replace: from n/a through 1.6.1...

WordPress plugin Better Find and Replace 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

CVE-2024-37898

XWiki Platform (CVE-2024-37898) has a documented issue where a user with view but not delete rights can delete a page and replace it with new content, moving the old version to the recycle bin. Although the old content is not viewable due to rights transfer, the action results in the page being o...

PT-2024-5617 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.10.21 XWiki Platform versions prior to 15.5.5 XWiki Platform versions prior to 15.10.6 Description: The issue is related to a lack of authorization in the XWiki Platform, allowing a remote attacker to...

WordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Trình Vũ Sonicrrrr from VNPT-VCI in WordPress Plugin Better Find and Replace versions = 1.6.1...

WordPress Better Find and Replace Plugin <= 1.6.1 is vulnerable to PHP Object Injection

Software Better Find and Replace Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-39636 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID c0c0efbac1bd Credits Trình Vũ Sonicrrrr from VNPT-VCI...

CVE-2024-38759

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2...

CVE-2024-38759

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2...

CVE-2024-38759 WordPress Search & Replace plugin <= 3.2.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2...