topjobcambodia.com Cross Site Scripting vulnerability OBB-3920567

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

montealato.it Cross Site Scripting vulnerability OBB-3920410

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ecomatic.ee Cross Site Scripting vulnerability OBB-3920273

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

aircraftspruce.eu Cross Site Scripting vulnerability OBB-3920168

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

618bg.com Cross Site Scripting vulnerability OBB-3920157

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

thaixin.net Cross Site Scripting vulnerability OBB-3920103

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

drvhub.net Cross Site Scripting vulnerability OBB-3920057

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

micwaudio.com Cross Site Scripting vulnerability OBB-3919973

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

basicsynth.com Cross Site Scripting vulnerability OBB-3919804

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress WP LinkedIn Auto Publish Plugin <= 8.11 is vulnerable to Broken Access Control

Software WP LinkedIn Auto Publish Type Plugin Vulnerable versions = 8.11 Fixed in 8.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32797 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 03094155e86a Credits Abdi Pranata Required...

WordPress Import and export users and customers Plugin <= 1.26.2 is vulnerable to PHP Object Injection

Software Import and export users and customers Type Plugin Vulnerable versions = 1.26.2 Fixed in 1.26.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-32817 Patch priority Low CVSS severity Low 4.4 Developer Codection PSID db71a86e52da Credits Trình Vũ Sonicrrrr from...

WordPress Data Tables Generator by Supsystic Plugin <= 1.10.31 is vulnerable to Broken Access Control

Software Data Tables Generator by Supsystic Type Plugin Vulnerable versions = 1.10.31 Fixed in 1.10.32 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32829 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c3d8bb1fd9d8 Credits Steven...

WordPress ShortPixel Critical CSS Plugin <= 1.0.2 is vulnerable to Broken Access Control

Software ShortPixel Critical CSS Type Plugin Vulnerable versions = 1.0.2 Fixed in 1.0.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32810 Patch priority High CVSS severity High 7.6 Developer ShortPixel PSID b4665651b428 Credits Dhabaleshwar Das Require...

WordPress Academy LMS Plugin <= 1.9.16 is vulnerable to Broken Access Control

Software Academy LMS Type Plugin Vulnerable versions = 1.9.16 Fixed in 1.9.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-32714 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 52a502724937 Credits Mochamad Sofyan Required...

WordPress ProfileGrid Plugin <= 5.7.9 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32772 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0b59bd9029de Credits Kyle Sanchez...

WordPress Tickera Plugin < 3.5.2.5 is vulnerable to Insecure Direct Object References (IDOR)

Software Tickera Type Plugin Vulnerable versions 3.5.2.5 Fixed in 3.5.2.5 OWASP Top 10 A4: Insecure Design Classification Insecure Direct Object References IDOR CVE CVE-2023-7252 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 18b5f01f3b4e Credits Martin Thirup Christensen...

WordPress ProfileGrid Plugin <= 5.7.9 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32808 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b60c26e035a2 Credits Kyle Sanchez...

WordPress Rate my Post – WP Rating System Plugin <= 3.4.4 is vulnerable to Insecure Direct Object References (IDOR)

Software Rate my Post – WP Rating System Type Plugin Vulnerable versions = 3.4.4 Fixed in 3.4.5 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32823 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3390dc0a9f18...

WordPress All-in-one Like Widget Plugin <= 2.2.7 is vulnerable to Cross Site Scripting (XSS)

Software All-in-one Like Widget Type Plugin Vulnerable versions = 2.2.7 Fixed in 2.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32815 Patch priority Low CVSS severity Low 5.9 Developer Jeroen Peters PSID 19340c2d052a Credits Joshua Chan Required privilege...

WordPress Post Grid and Gutenberg Blocks Plugin <= 2.2.78 is vulnerable to Sensitive Data Exposure

Software Post Grid and Gutenberg Blocks Type Plugin Vulnerable versions = 2.2.78 Fixed in 2.2.79 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-32816 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 4274dff100bf Credits Peng Zho...