9 matches found
RHSA-2024:3022
creationtimestamp| type| source ---|---|--- 2025-06-16 17:37:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18479...
Oracle Linux 8 : motif (ELSA-2024-3022)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3022 advisory. - Fix CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer Tenable has extracted the preceding description block directly from the Oracle...
RHEL 8 : motif (RHSA-2024:3022)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3022 advisory. The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM,...
CentOS 8 : motif (CESA-2024:3022)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3022 advisory. - A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attacker to...
CVE-2024-3022
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpressprocessupload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to...
CVE-2024-3022 BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpressprocessupload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to...
CVE-2024-3022 BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpressprocessupload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to...
CVE-2024-3022
BookingPress for WordPress (all versions
WordPress BookingPress Plugin <= 1.0.87 is vulnerable to Arbitrary File Upload
Software BookingPress Type Plugin Vulnerable versions = 1.0.87 Fixed in 1.0.88 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-3022 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 95c9a0019f7e Credits Dian Sun Required privilege Administrator...