55 matches found
EUVD-2023-52795
Malicious code in bioql PyPI...
EUVD-2023-52794
Malicious code in bioql PyPI...
EUVD-2023-52792
Malicious code in bioql PyPI...
CVE-2024-45199
insightsoftware Hive JDBC through 2.6.13 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code executi...
CVE-2024-10174
The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'AbstractPermission' class due to missing validation on the 'useri...
PT-2024-16088 · WordPress · Wp Project Manager
Name of the Vulnerable Software and Affected Versions: The WP Project Manager versions up to, and including, 2.6.13. Description: The issue is related to Insecure Direct Object Reference, which affects the plugin due to missing validation on the user id user-controlled key in the Abstract Permissi...
CVE-2023-48761
Missing Authorization vulnerability in Crocoblock JetElements For Elementor. This issue affects JetElements For Elementor: from n/a through 2.6.13...
CVE-2023-48759
Missing Authorization vulnerability in Crocoblock JetElements For Elementor. This issue affects JetElements For Elementor: from n/a through 2.6.13...
WordPress plugin JetElements For Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...
PT-2024-13645 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability. This means that there is a lack of proper authorization checks, potentially allowing unauthorized...
WordPress plugin JetElements For Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...
PT-2024-13644 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability in Crocoblock JetElements For Elementor. Recommendations: For versions 2.6.13 and earlier, update to a...
PT-2024-13643 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability in Crocoblock JetElements For Elementor. Recommendations: For versions 2.6.13 and earlier, update to a...
OPENSUSE-SU-2024:10589-1 rmt-server-2.6.13-1.1 on GA media
These are all security issues fixed in the rmt-server-2.6.13-1.1 package on the GA media of openSUSE Tumbleweed...
WordPress Mollie Forms Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Mollie Forms. Type: Plugin. Vulnerable versions: <= 2.6.13. Fixed in: 2.6.14. OWASP Top 10: A5: Broken Access Control. Classification: Cross Site Request Forgery (CSRF). CVE: CVE-2024-2368. Patch priority: Low. CVSS severity: Low (4.3). PSID: be4c386416af. Credits: Lucio Sá. Required...
PT-2024-12302 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions 2.6.0 through 2.6.13; Rancher versions 2.7.0 through 2.7.9; Rancher versions 2.8.0 through 2.8.1. Description: A vulnerability has been identified when granting a create or global role for a resource type of "namespaces". This c...
CVE-2023-48762
Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor. This issue affects JetElements For Elementor: from n/a through 2.6.13...
PT-2023-30944 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue has been identified. This type of issue allows an attacker to trick a user into performing unintended actions on a web...
WordPress Plugin JetElements Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site request forge...
Vulnerabilities fixed in Rancher
Vulnerabilities have been fixed in Rancher. The vulnerability with reference CVE-2022-43760 allows a malicious person to perform a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the browser of the victim. The vulnerabilities marked...