20 matches found
CVE-2023-32585
Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...
CVE-2021-32585
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...
CVE-2025-32585
Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through = 1.2...
CVE-2025-32585 WordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerability
Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through = 1.2...
CVE-2025-32585 WordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerability
Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through = 1.2...
CVE-2023-32585
Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...
CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...
CVE-2023-32585
CVE-2023-32585 relates to the WordPress plugin Portfolio Gallery – Responsive Image Gallery . The vulnerability is a Broken Access Control issue due to an missing authorization check that allowed unauthenticated users to exploit. Affected versions are v1.4.6 and earlier ; the issue is fixed in v1...
CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in totalsoft Portfolio Gallery gallery-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through = 1.4.6...
CVE-2024-32585
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...
CVE-2024-32585 WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...
CVE-2024-32585 WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...
WordPress Import Content in WordPress & WooCommerce with Excel Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)
Software Import Content in WordPress & WooCommerce with Excel Type Plugin Vulnerable versions = 4.2 Fixed in 4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32585 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 597c127e874d Credits...
WordPress Portfolio Gallery – Responsive Image Gallery Plugin <= 1.4.6 is vulnerable to Broken Access Control
Software Portfolio Gallery – Responsive Image Gallery Type Plugin Vulnerable versions = 1.4.6 Fixed in 1.4.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32585 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 46edb5a7cfb0 Credit...
CVE-2022-32585
creationtimestamp| type| source ---|---|--- 2022-10-13 15:05:03+00:00| seen| https://t.me/truesecator/3558 2022-10-13 17:22:33+00:00| seen| https://t.me/icscert/629...
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...
CVE-2022-32585
Robustel R1510 is affected by CVE-2022-32585 in the clish art2 functionality. TALOS details a pre-auth/administrative-login path where a specially crafted network request can trigger arbitrary command execution, via the art2 feature accessed through the clish console. The 9.1/9.1–9.8 CVSS data in...
CVE-2021-32585
creationtimestamp| type| source ---|---|--- 2022-04-06 20:30:24+00:00| seen| https://t.me/cibsecurity/40242...
CVE-2021-32585
Fortinet FortiWAN (pre-4.5.9) is affected by CVE-2021-32585, a stored cross-site scripting (XSS) vulnerability caused by improper input neutralization during web page generation. The issue resides in the log viewer/web interface and can be triggered by specially crafted HTTP requests, allowing an...
CVE-2021-32585
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...