17 matches found
holidayhillinnandsuites.com Cross Site Scripting vulnerability OBB-3957633
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress wpForo Forum Plugin <= 2.3.4 is vulnerable to Insecure Direct Object References (IDOR)
Software wpForo Forum Type Plugin Vulnerable versions <= 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-43288 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 84baf52495a3 Credits Ananda Dhakal...
WordPress Hello Agency Theme <= 1.0.5 is vulnerable to Broken Access Control
Software Hello Agency Type Theme Vulnerable versions <= 1.0.5 Fixed in 1.0.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43341 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID dad92fd9c880 Credits Fariq Fadillah Gusti Insani...
WordPress Plugin Notes Plus Plugin <= 1.2.7 is vulnerable to Arbitrary Content Deletion
Software Plugin Notes Plus Type Plugin Vulnerable versions <= 1.2.7 Fixed in 1.2.8 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2024-43326 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 048345824ef6 Credits Trương Hữu Phúc...
WordPress Custom Field For WP Job Manager Plugin <= 1.2 is vulnerable to Insecure Direct Object References (IDOR)
Software Custom Field For WP Job Manager Type Plugin Vulnerable versions <= 1.2 Fixed in 1.3 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-7049 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3021ad422dd8 Credits...
WordPress oik Plugin <= 4.12.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software oik Type Plugin Vulnerable versions <= 4.12.0 Fixed in 4.12.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43356 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 865f6e2dc335 Credits Abdi Pranata Required privile...
WordPress Flash & HTML5 Video Plugin <= 2.5.30 is vulnerable to Broken Access Control
Software Flash & HTML5 Video Type Plugin Vulnerable versions <= 2.5.30 Fixed in 2.5.31 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43296 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 14d9f8844f5d Credits Ananda Dhakal Patchstac...
restauracekastrol.cz Cross Site Scripting vulnerability OBB-3587186
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
olaaccounting.com Cross Site Scripting vulnerability OBB-3586559
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nivariabeach.com Cross Site Scripting vulnerability OBB-3586420
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Advanced File Manager Plugin < 5.1.1 is vulnerable to Sensitive Data Exposure
Software Advanced File Manager Type Plugin Vulnerable versions < 5.1.1 Fixed in 5.1.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-3814 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID c11d3f659c9c Credits Dmitrii Required...
zeckenhilfe.com Cross Site Scripting vulnerability OBB-1261312
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
chandris-hellas.eu XSS vulnerability
Vulnerable URL: http://www.chandris-hellas.eu/pub/JobOffer.asp?lang=en" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
discovery.com XSS vulnerability
Vulnerable URL: http://www.discovery.com/search/?x" Details: Description| Value ---|--- Patched:| Yes, at 28.09.2016 Latest check for patch:| 28.09.2016 09:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2938 Google Pagerank| 8 VIP website status:| Yes Check...
alpinetexas.chambermaster.com XSS vulnerability
Vulnerable URL: http://alpinetexas.chambermaster.com/directory/jsp/busdir/SearchResults.jsp Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 13:53 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
hrsemprogetti.platinumgroup.it XSS vulnerability
Vulnerable URL: http://hrsemprogetti.platinumgroup.it/utils/error.php?errmsg= Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 22:04 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Goog...
members.mtairyncchamber.org XSS vulnerability
Vulnerable URL: http://members.mtairyncchamber.org/directory/jsp/busdir/SearchResults.jsp Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 13:50 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...