WordPress plugin WP Import Export Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress WP Import Export Lite Plugin <= 3.9.26 is vulnerable to PHP Object Injection

Software WP Import Export Lite Type Plugin Vulnerable versions = 3.9.26 Fixed in 3.9.27 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-31308 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 6bc80ca274a7 Credits Trình Vũ Sonicrrrr from VNPT-VCI...

Information disclosure

Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated...

PT-2021-16931 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.27 Description: An issue was discovered in the install action of com installer, where it lacks the required hardcoded ACL checks for superusers. However, a default system is not affected because the default...

Joomla! CMS 输入验证错误漏洞

is a set of forum components used in the Joomla! content management system. Joomla! is vulnerable to an input validation error in versions 2.5.0 to 3.9.27, which can be exploited by attackers to cause corruption in the usergroups table...

Joomla! CMS 跨站脚本漏洞

A cross-site scripting vulnerability exists in versions 3.0.0 to 3.9.27 of Joomla!...

Joomla! Cross-site scripting vulnerability (CNVD-2021-53938)

A cross-site scripting vulnerability exists in versions 3.0.0 to 3.9.27, which could be exploited to lure users into clicking on and executing client-side code to steal user cookie credentials...

Joomla! 3.x < 3.9.27 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.x prior to 3.9.27. It is, therefore, affected by multiple vulnerabilities. - HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors. CVE-2021-26032...

WordPress Multiple Vulnerabilities (Mar 2019) - Windows

WordPress is prone to a cross-site request forgery CSRF vulnerability in a comment form which leads to HTML injection and cross-site scripting XSS attacks. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...