RSJoomla! RSMail! component for Joomla 跨站脚本漏洞

RSJoomla! RSMail! component for Joomla is an extension component for the Joomla content management system from RSJoomla! A cross-site scripting vulnerability exists in RSMail component versions 1.19.20 through 1.22.26, which stems from improper handling of specially crafted parameters and could...

CVE-2024-6000

The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'displayticketthemespage' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...

WordPress FooEvents for WooCommerce plugin <= 1.19.20 - Authenticated Arbitrary File Upload vulnerability

Authenticated Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin FooEvents for WooCommerce versions = 1.19.20...

WordPress FooEvents for WooCommerce Plugin <= 1.19.20 is vulnerable to Arbitrary File Upload

Software FooEvents for WooCommerce Type Plugin Vulnerable versions = 1.19.20 Fixed in 1.19.21 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6000 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 712d717f0e84 Credits István Márton Required...

DSA-3110-1 mediawiki - security update

Bulletin has no description...