379 matches found
WordPress Traveler theme < 3.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Traveler versions 3.2.3...
Linux Distros Unpatched Vulnerability : CVE-2016-10515
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages. CVE-2016-10515 Note that...
Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2025-1142)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1142 advisory. An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service DoS via the convert function of exrmultipart.cpp. CVE-2024-31047 Tenable has...
WordPress WooCommerce Registration Fields Plugin - Custom Signup Fields plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability
WordPress WooCommerce Registration Fields Plugin - Custom Signup Fields plugin = 3.2.3 - Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WooCommerce Registration Fields Plugin - Custom Signup Fields versions = 3.2.3...
WordPress WooCommerce Registration Fields Plugin - Custom Signup Fields plugin <= 3.2.3 - Privilege Escalation vulnerability
WordPress WooCommerce Registration Fields Plugin - Custom Signup Fields plugin = 3.2.3 - Privilege Escalation vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WooCommerce Registration Fields Plugin - Custom Signup Fields versions = 3.2.3...
CVE-2024-35234
Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta3 on the tests-passed branch, an attacker can execute arbitrary JavaScript on users’ browsers by posting a specific URL containing maliciously crafted meta tags. This issue only...
CVE-2024-3031
The Fluid Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2024-31246
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 3.2.3...
CVE-2023-24373
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...
CVE-2023-1612
A vulnerability, which was classified as critical, was found in Rebuild up to 3.2.3. This affects an unknown part of the file /files/list-file. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It...
CVE-2023-0480
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF...
CVE-2023-24407
Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...
CVE-2021-24955
The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not escape the data parameter of the ppgetformsbybuildertype AJAX action before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue...
CVE-2019-19935
Froala Editor before 3.2.3 allows XSS...
CVE-2017-18004
Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint...
WordPress Wishlist for WooCommerce plugin <= 3.2.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Wishlist for WooCommerce versions = 3.2.2...
OESA-2025-1435 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
OESA-2025-1412 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
OESA-2025-1411 cobbler security update
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
WordPress IMPress for IDX Broker plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin IMPress for IDX Broker versions = 3.2.3...