5 matches found
login.wellcorecorporation.ca Cross Site Scripting vulnerability OBB-3927323
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.102 is vulnerable to SQL Injection
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.102 Fixed in 1.5.105 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3055 Patch priority Low CVSS severity Low 8.5 Developer Unlimited Elements PSID 6f752cde8e3d...
WordPress WP Discourse Plugin <= 2.5.1 is vulnerable to Broken Access Control
Software WP Discourse Type Plugin Vulnerable versions = 2.5.1 Fixed in 2.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35168 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4c4620868728 Credits Joshua Chan Required privilege...
WordPress LearnPress Plugin <= 4.2.6.5 is vulnerable to Cross Site Scripting (XSS)
Software LearnPress Type Plugin Vulnerable versions = 4.2.6.5 Fixed in 4.2.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3ad5ee25dcd1 Credits stealthcopter Required...
WordPress Giveaways and Contests by RafflePress Plugin <= 1.12.4 is vulnerable to Broken Access Control
Software Giveaways and Contests by RafflePress Type Plugin Vulnerable versions = 1.12.4 Fixed in 1.12.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4745 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 632d49d4c2a4 Credits...