87 matches found
CVE-2026-3053
creationtimestamp| type| source ---|---|--- 2026-02-26 01:40:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfq2tq2mty2e...
CVE-2026-3053
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component OpenAPI Endpoint. Executing a manipulation can lead to missing authentication. It is possible to laun...
CVE-2026-3053
DataLinkDC dinky OpenAPI Endpoint vulnerability (CVE-2026-3053) affects dinky up to version 1.2.5, via the addInterceptors function in dinky-admin/src/main/java/org/dinky/configure/AppConfig.java. The flaw enables remote authentication bypass due to manipulation of the OpenAPI Endpoint component....
CVE-2024-3053
The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ forminatorform shortcode attribute in versions up to, and including, 1.29.2 due to insufficient input sanitization and output escaping. This makes it...
CVE-2025-3053
creationtimestamp| type| source ---|---|--- 2025-05-15 06:57:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp6wrhhhrm2e...
CVE-2025-3053 UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uipprocessforminput function. This is due to the function taking user supplied inputs to execute arbitrary...
CVE-2025-3053 UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uipprocessforminput function. This is due to the function taking user supplied inputs to execute arbitrary...
WordPress UiPress lite plugin <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution vulnerability
Authenticated Subscriber+ Remote Code Execution vulnerability discovered by WordFence in WordPress Plugin UiPress lite versions = 3.5.07...
CVE-2024-3053
CVE-2024-3053 applies to the WordPress plugin Forminator – Contact Form, Payment Form & Custom Form Builder . The vulnerability is a Stored Cross-Site Scripting via the shortcodes’ forminator_form id attribute, affecting versions up to and including 1.29.2 due to insufficient input sanitization a...
Student Information System Security Breach
Student Information System is a web-based application platform by Carlo Montero, a personal developer. It can help a university or college to manage student information and academic records. A security vulnerability exists in Student Information Systems version v.3053. A remote attacker can explo...
PT-2024-19619 · Genesis · Genesis Aims Student Information Systems +1
Name of the Vulnerable Software and Affected Versions: Genesis AIMS Student Information Systems version 3053 Description: The issue is a cross-site scripting XSS vulnerability in the Parents & Student Portal of Genesis School Management Systems. This allows remote attackers to inject arbitrary we...
WordPress Page Builder with Image Map by AZEXO Plugin <= 1.27.133 is vulnerable to Broken Access Control
Software Page Builder with Image Map by AZEXO Type Plugin Vulnerable versions = 1.27.133 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3053 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID bcb4f38dcc4d Credits...
CVE-2023-3053
The Page Builder by AZEXO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'azhaddpost' function in versions up to, and including, 1.27.133. This makes it possible for authenticated attackers to create a post with any post type and...
CVE-2023-3053 Page Builder by AZEXO <= 1.27.133 - Missing Authorization to Post Creation
The Page Builder by AZEXO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'azhaddpost' function in versions up to, and including, 1.27.133. This makes it possible for authenticated attackers to create a post with any post type and...
CVE-2023-3053 Page Builder by AZEXO <= 1.27.133 - Missing Authorization to Post Creation
The Page Builder by AZEXO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'azhaddpost' function in versions up to, and including, 1.27.133. This makes it possible for authenticated attackers to create a post with any post type and...
CVE-2023-3053
CVE-2023-3053 affects Page Builder by AZEXO for WordPress. The vulnerability is due to a missing capability check in the azh_add_post function, present up to version 1.27.133. This Broken Access Control allows authenticated attackers to create posts with any post type and post status. The Initial...
Fedora: Security Advisory for chromium (FEDORA-2022-3f28aa88cf)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-3053
Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page...
CVE-2022-3053
Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page...
CVE-2022-3053
CVE-2022-3053 corresponds to an “Inappropriate implementation in Pointer Lock” in Google Chrome on macOS prior to 105.0.5195.52, enabling a remote attacker to restrict user navigation via a crafted HTML page. The connected documents confirm this vulnerability in Chromium/Chrome with affected vers...