7 matches found
📄 Yoast SEO 22.5 Cross Site Scripting
These are details relating a cross site scripting vulnerability in Yoast SEO versions 22.5 and below that was originally discovered in 2024. CVE-2024-4041 Yoast SEO /?page=%22%20onmouseover%3D%22alertdocument.domain%22%20x%3D%22 3. In the admin bar, open the Yoast menu and hover/click Get Yoast S...
WordPress plugin Yoast SEO 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin
🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 22th, 2024, during our second Bug Bounty Extravaganza, w...
CVE-2023-44362
Adobe Prelude 22.6 and earlier are affected by an uninitialized pointer vulnerability in MP4 parsing that can disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediation: update to Adobe Prelude 22.6.1 (per APSB23-67) on Windows/macOS; patc...
CVE-2023-5105
The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as wp-config.php...
Vulnerabilities fixed in Ivanti Secure Access Client
Ivanti has fixed vulnerabilities in Secure Access Client formerly Pulse Secure Desktop Client. A local malicious person could exploit the vulnerabilities to grant himself elevated privileges granted and thus execute code with potentially system privileges and/or gain access to sensitive data...
M-Files 代码问题漏洞
M-Files is an innovative metadata-driven document management platform from M-Files, Inc. A security vulnerability exists in M-Files versions prior to 22.6 that originates from allowing a user to gain SYSTEM privileges via DLL hijacking...