19 matches found

Patchstack
added 2026/05/29 6:39 p.m. · 9 views

WordPress WCFM Membership plugin <= 2.11.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bima Ikhsan in WordPress Plugin WCFM Membership versions <= 2.11.10...

7.3 CVSS · 5.8 AI score · 0.00047 EPSS
Exploits 0 · Affected Software 1

Vulnrichment
added 2026/05/27 9:49 a.m. · 5 views

CVE-2026-42753 WordPress WCFM Membership plugin <= 2.11.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WCFM Membership: from n/a through <= 2.11.10...

7.3 CVSS · 5.8 AI score · 0.00047 EPSS
Exploits 0 · References 1

EUVD
added 2026/05/27 9:49 a.m. · 7 views

EUVD-2026-32200

Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WCFM Membership: from n/a through <= 2.11.10...

7.3 CVSS · 5.8 AI score · 0.00047 EPSS
Exploits 0 · References 1

CNNVD
added 2026/05/27 12:0 a.m. · 3 views

WordPress plugin WCFM Membership security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.3 CVSS · 5.8 AI score · 0.00047 EPSS
Exploits 0 · References 1

RedHat Linux
added 2026/05/12 8:58 p.m. · 5 views

Important: Red Hat Security Advisory: Kiali 2.11.10 for Red Hat OpenShift Service Mesh 3.1

Kiali 2.11.10 for Red Hat OpenShift Service Mesh 3.1 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.1. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Critical. A Comm...

10 CVSS · 7.2 AI score · 0.00202 EPSS
Exploits 6 · References 10

Tenable Nessus
added 2025/08/27 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-32743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In...

8.8 CVSS · 7.1 AI score · 0.00354 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-32739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From...

8.8 CVSS · 7.1 AI score · 0.00297 EPSS
Exploits 1 · References 2

RedhatCVE
added 2025/05/22 9:17 p.m. · 4 views

CVE-2021-32743

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions prior to 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credentials for extern...

8.8 CVSS · 6.5 AI score · 0.00354 EPSS
Exploits 1

OSV
added 2025/01/08 10:15 a.m. · 0 views

CVE-2024-12853

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10. This makes it possible for authenticated attackers, with Author-level access and above, to uploa...

8.8 CVSS · 7.9 AI score
Exploits 0 · References 2

Positive Technologies
added 2024/08/12 12:0 a.m. · 2 views

PT-2024-30319 · Unknown · Antoine Hurkmans Football Pool

Name of the Vulnerable Software and Affected Versions: Antoine Hurkmans Football Pool versions n/a through 2.11.10. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS, where an attacke...

5.9 CVSS · 6.6 AI score · 0.00176 EPSS
Exploits 0 · References 5

Patchstack
added 2024/08/07 12:0 a.m. · 5 views

WordPress Football Pool Plugin <= 2.11.10 is vulnerable to Cross Site Scripting (XSS)

Software: Football Pool; Type: Plugin; Vulnerable versions: <= 2.11.10; Fixed in: 2.12.1; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-43130; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: 286c38961ee5; Credits: Ananda Dhakal Patchstack; Required...

5.9 CVSS · 6.6 AI score · 0.00176 EPSS
Exploits 0 · References 2 · Affected Software 1

Patchstack
added 2024/08/07 12:0 a.m. · 11 views

WordPress Football Pool Plugin <= 2.11.9 is vulnerable to Cross Site Scripting (XSS)

Software: Football Pool; Type: Plugin; Vulnerable versions: <= 2.11.9; Fixed in: 2.11.10; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-43139; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: Claim ownership; PSID: 67467a5d4e93; Credits: Manab Jyoti Dowarah; Required...

6.5 CVSS · 6.6 AI score · 0.00252 EPSS
Exploits 0 · References 2 · Affected Software 1

SUSE CVE
added 2023/02/15 6:5 a.m. · 1 views

SUSE CVE-2008-7251

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors...

10 CVSS · 7 AI score · 0.02533 EPSS
Exploits 1 · References 4

SUSE CVE
added 2023/02/15 4:44 a.m. · 2 views

SUSE CVE-2017-10140

Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DBCONFIG in the current directory...

7.8 CVSS · 7.8 AI score · 0.00296 EPSS
Exploits 1 · References 3

OSV
added 2021/07/15 4:15 p.m. · 1 views

UBUNTU-CVE-2021-32743

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions prior to 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credentials for extern...

8.8 CVSS · 7 AI score · 0.00354 EPSS
Exploits 1 · References 4

UbuntuCve
added 2021/07/15 3:15 p.m. · 25 views

CVE-2021-32739

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API users. With a...

8.8 CVSS · 7.1 AI score · 0.00297 EPSS
Exploits 1 · References 4

Cvelist
added 2021/07/15 2:55 p.m. · 24 views

CVE-2021-32739 Results of queries for ApiListener objects include the ticket salt which allows in turn to steal (more privileged) identities

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API users. With a...

8.8 CVSS · 8.9 AI score · 0.00297 EPSS
Exploits 1 · References 3

Positive Technologies
added 2021/07/15 12:0 a.m. · 2 views

PT-2021-4011 · Icingadb +4 · Icingadb +7

Name of the Vulnerable Software and Affected Versions: Icinga versions prior to 2.11.10; Icinga versions 2.12.0 through 2.12.4. Description: The issue concerns the exposure of credentials for external services through the API to authenticated API users with read permissions for the corresponding...

9.8 CVSS · 6.9 AI score · 0.24074 EPSS
Exploits 5 · References 38

seebug.org
added 2010/01/19 12:0 a.m. · 18 views

phpMyAdmin <2.11.10 insecure file and directory creation vulnerability

No description provided by source...

7.1 AI score
Exploits 0