21 matches found
CVE-2026-32445
creationtimestamp| type| source ---|---|--- 2026-05-09 03:33:11+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlfcpyizrh24...
CVE-2026-32445 WordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.35.5...
CVE-2026-32445 WordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.35.5...
CVE-2023-32445
This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack...
CVE-2025-32445 vulnerabilities
Vulnerabilities for packages: argo-events-fips...
CVE-2025-32445
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...
CVE-2025-32445 Users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...
CVE-2025-32445
CVE-2025-32445 is tied to Argo Events. A user with permission to create/modify EventSource and Sensor CRs can cause the orchestrated pod to run with elevated/privileged capabilities by manipulating fields in spec.template and spec.template.container (including command, args, securityContext, volu...
CVE-2025-32445 Users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...
CVE-2025-32445
creationtimestamp| type| source ---|---|--- 2025-04-13 19:24:37+00:00| published-proof-of-concept| https://github.com/argoproj/argo-events/security/advisories/GHSA-hmp7-x699-cvhq 2025-04-15 20:06:15+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114343777087123748 2025-04-15...
CVE-2024-32445
Cross-Site Request Forgery CSRF vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition.This issue affects WebinarIgnition: from n/a through = 3.05.8...
CVE-2024-32445 WordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition.This issue affects WebinarIgnition: from n/a through = 3.05.8...
CVE-2024-32445 WordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Saleswonder Team WebinarIgnition.This issue affects WebinarIgnition: from n/a through 3.05.8...
CVE-2024-32445
CVE-2024-32445 is a CSRF vulnerability in Saleswonder’s WebinarIgnition plugin for WordPress, affecting WebinarIgnition up to version 3.05.8. The sources describe a CSRF flaw but do not provide exploitation details, confirmed patches, or exact affected configurations beyond that.
WordPress WebinarIgnition Plugin <= 3.05.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software WebinarIgnition Type Plugin Vulnerable versions = 3.05.8 Fixed in 3.06.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32445 Patch priority Low CVSS severity Low 5.4 Developer Tobias PSID a3482615028f Credits Dhabaleshwar Das Required...
CVE-2023-32445
creationtimestamp| type| source ---|---|--- 2023-07-28 12:29:19+00:00| seen| https://t.me/cibsecurity/67360...
CVE-2023-32445
This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack...
CVE-2023-32445
This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack...
CVE-2023-32445
CVE-2023-32445 is a cross-site scripting vulnerability triggered when processing a document. The issue affects Apple platforms including Safari, macOS Ventura, iOS, iPadOS, watchOS, and tvOS as listed, with exploitation potential tied to document handling. Apple states the vulnerability is resolv...
CVE-2023-32445
This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack...