WordPress WP Popups – WordPress Popup builder plugin <= 2.2.0.1 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin WP Popups versions = 2.2.0.1...

WordPress plugin WP Popups security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-37712 · WordPress · Wp Popups

Name of the Vulnerable Software and Affected Versions: WP Popups – WordPress Popup builder plugin versions up to, and including, 2.2.0.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin utilizes mobiledetect without preventing direct access to the files...

WordPress CURCY Plugin <= 2.2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software CURCY Type Plugin Vulnerable versions = 2.2.0.1 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50831 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5702a980d547 Credits LVT-tholv2k Required privilege Contributor...

Oracle FLEXCUBE Private Banking Denial of Service Vulnerability

Oracle FLEXCUBE Private Banking is a banking and financial services solution. A security vulnerability exists in the implementation of Oracle FLEXCUBE Private Banking versions 2.0.0, 2.0.1, 2.2.0.1, 12.0.1, which can be exploited by remote attackers to affect availability...

CVE-2017-3479

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with network access vi...

CVE-2017-3473

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with network access vi...

CVE-2017-3475

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with network access vi...

CVE-2012-2399

CVE-2012-2399 is an XSS vulnerability in swfupload.swf (SWFUpload 2.2.0.1 and earlier), used in WordPress before 3.5.2 and TinyMCE Image Manager 1.1 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter. The connected documents do not pr...