WordPress Geo Mashup plugin <= 1.13.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via geo_mashup_visible_posts_list Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via geomashupvisiblepostslist Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Geo Mashup versions = 1.13.13...

WordPress Geo Mashup Plugin <= 1.13.13 is vulnerable to Cross Site Scripting (XSS)

Software Geo Mashup Type Plugin Vulnerable versions = 1.13.13 Fixed in 1.13.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8990 Patch priority Low CVSS severity Low 6.5 Developer Dylan Kuhn PSID e149f169bae9 Credits Peter Thaleikis Required...

BIT-HUBBLE-2024-28860

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...

PT-2024-22363 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions 1.13.9 through 1.13.12 Cilium versions 1.14.0 through 1.14.7 Cilium versions 1.15.0 through 1.15.1 Description: Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP...

BIT-GOLANG-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...