24 matches found
CVE-2023-31087
Cross-Site Request Forgery CSRF vulnerability in JoomSky JS Job Manager plugin = 2.0.0 versions...
CVE-2022-31087
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...
CVE-2025-31087
Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows Object Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through = 1.5...
CVE-2025-31087
creationtimestamp| type| source ---|---|--- 2025-04-01 06:31:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9849 2025-04-01 06:40:30+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llqbc36ljr24 2025-04-01 07:48:38+00:00| seen|...
CVE-2025-31087
Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows Object Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through = 1.5...
CVE-2025-31087 WordPress Multiple Shipping And Billing Address For Woocommerce plugin <= 1.5 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows Object Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through = 1.5...
CVE-2025-31087 WordPress Multiple Shipping And Billing Address For Woocommerce <= 1.5 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce allows Object Injection. This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through 1.5...
CVE-2025-31087
CVE-2025-31087 is tied to the WordPress plugin “Multiple Shipping And Billing Address For Woocommerce.” The connected document confirms a vulnerable pattern: unauthenticated PHP Object Injection arising from deserialization of untrusted data in this plugin (described as Unauthenticated PHP Object...
CVE-2024-31087
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joel Starnes pageMash Page Management allows Reflected XSS.This issue affects pageMash Page Management: from n/a through 1.3.0...
CVE-2024-31087
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joel Starnes pageMash Page Management allows Reflected XSS.This issue affects pageMash Page Management: from n/a through 1.3.0...
CVE-2024-31087 WordPress pageMash plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joel Starnes pageMash Page Management allows Reflected XSS.This issue affects pageMash Page Management: from n/a through 1.3.0...
CVE-2024-31087
CVE-2024-31087 affects the WordPress plugin pageMash – Page Management (Page Management). The flaw is an improper neutralization of input leading to Reflected XSS during page generation, reported for versions up to 1.3.0 . The connected Red Hat CVE entry corroborates the pageMash Page Management ...
WordPress pageMash > Page Management Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software pageMash Page Management Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31087 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77d83c9f1a3c Credits Dimas Maulana Required...
CVE-2023-31087
Cross-Site Request Forgery CSRF vulnerability in JoomSky JS Job Manager plugin = 2.0.0 versions...
CVE-2023-31087 WordPress JS Job Manager Plugin <=2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in JoomSky JS Job Manager plugin = 2.0.0 versions...
CVE-2023-31087
CVE-2023-31087 – JoomSky JS Job Manager (WordPress) CSRF vulnerability in versions 2.0.0, specifically 2.0.1 per PatchStack, to mitigate. Impact is described variably across sources; Wordfence lists CSRF via multiple functions and patch status as Patched, while CVSS scales differ between sources...
WordPress JS Job Manager Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software JS Job Manager Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A2: Broken Authentication Classification Cross Site Request Forgery CSRF CVE CVE-2023-31087 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID cfbe0d0492f9 Credits Yuki Haruma Required...
CVE-2022-31087
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...
CVE-2022-31087 Incorrect Default Permissions in ldap-account-manager
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...
CVE-2022-31087 Incorrect Default Permissions in ldap-account-manager
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...