22 matches found
CVE-2022-23508
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in GitOps run could allow a local user or process to alter a Kubernetes cluster's resources. GitOps run has a local S3 bucket which it uses...
CVE-2025-23508
Cross-Site Request Forgery CSRF vulnerability in OrigoThemes Extra Options – Favicons extra-options-favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through = 1.1.0...
CVE-2024-23508
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
CVE-2025-23508
Cross-Site Request Forgery CSRF vulnerability in OrigoThemes Extra Options – Favicons extra-options-favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through = 1.1.0...
CVE-2025-23508
CVE-2025-23508 affects the WordPress plugin Extra Options – Favicons (versions from unknown up to 1.1.0). The vulnerability is described as Cross-Site Request Forgery (CSRF) that enables Stored XSS. Connected Red Hat and related records confirm the CVE ID and the CSRF-to-Stored-XSS characterizati...
CVE-2025-23508 WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in OrigoThemes Extra Options – Favicons extra-options-favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through = 1.1.0...
CVE-2025-23508 WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in EdesaC Extra Options – Favicons allows Stored XSS.This issue affects Extra Options – Favicons: from n/a through 1.1.0...
CVE-2024-23508
creationtimestamp| type| source ---|---|--- 2024-01-31 17:22:09+00:00| seen| https://t.me/ctinow/176910 2024-02-19 21:31:56+00:00| seen| https://t.me/ctinow/187935...
CVE-2024-23508
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...
CVE-2024-23508
CVE-2024-23508 affects the WordPress plugin PDF Poster – PDF Embedder (bPlugins) up to version 2.1.17. Root cause is improper input neutralization leading to a reflected XSS. A fix is available in version 2.1.18; upgrade recommended. Other sources reiterate the same: vulnerable
WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)
Software PDF Poster - PDF Embedder Plugin for WordPress Type Plugin Vulnerable versions = 2.1.17 Fixed in 2.1.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-23508 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 77b3bf7aca30 Credits Le Ng...
CVE-2023-23508
creationtimestamp| type| source ---|---|--- 2023-02-27 22:28:11+00:00| seen| https://t.me/cibsecurity/59055...
CVE-2023-23508
The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences...
CVE-2023-23508
The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences...
CVE-2023-23508
CVE-2023-23508 affects macOS where an issue in memory handling could allow an app to bypass Privacy preferences. The vulnerability is mitigated by Apple’s fixes in macOS Big Sur 11.7.3, macOS Monterey 12.6.3, and macOS Ventura 13.2. The available sources describe the root cause as improved memory...
Gitops Run insecure communication
Impact GitOps run has a local S3 bucket which it uses for synchronising files that are later applied against a Kubernetes cluster. The communication between GitOps Run and the local s3 bucket is not encrypted. This allows privileged users or process to tap the local traffic to gain information...
GHSA-89QM-WCMW-3MGG Gitops Run insecure communication
Impact GitOps run has a local S3 bucket which it uses for synchronising files that are later applied against a Kubernetes cluster. The communication between GitOps Run and the local s3 bucket is not encrypted. This allows privileged users or process to tap the local traffic to gain information...
CVE-2022-23508
creationtimestamp| type| source ---|---|--- 2023-01-09 16:27:34+00:00| published-proof-of-concept| https://t.me/cibsecurity/56155...