6 matches found
CVE-2023-0441
creationtimestamp| type| source ---|---|--- 2023-03-27 20:49:59+00:00| seen| https://t.me/cibsecurity/60802 2025-02-19 19:13:55+00:00| seen| Telegram/V1iY4Jp-BIbljfuUMmMJfOYNdRJ8XysDh7vtizL7Rn9IEoi...
CVE-2023-0441
The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...
CVE-2023-0441 Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update
The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...
CVE-2023-0441
The CVE-2023-0441 entry concerns the Gallery Blocks with Lightbox WordPress plugin prior to 3.0.8. An AJAX endpoint is accessible to any authenticated user (e.g., subscriber); the callback can perform actions including reading/updating WordPress options, potentially enabling registration with a d...
CVE-2023-0441 Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update
The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...
RHEL 8 : kpatch-patch (RHSA-2023:0441)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0441 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...