CVE-2023-6637

The CAOS | Host Google Analytics Locally plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatesettings' function in versions up to, and including, 4.7.14. This makes it possible for unauthenticated attackers to update plugin...

WordPress Plugin CAOS | Host Google Analytics Locally Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin CAOS | Host Google Analyti...

WordPress 4.7.x < 4.7.14 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in post previews by contributors. - A cross-site scripting XSS vulnerability in stored comments. - An unspecified issue with...

Inedo ProGet Design Vulnerability

Inedo ProGet is a general-purpose package manager from Inedo Japan with package management, filtering and upgrading features. A security vulnerability exists in Inedo ProGet versions prior to 4.7.14, which stems from the program's failure to properly handle malicious packet IDs.No information is...

CVE-2017-14944

Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060...

CVE-2017-14944

Inedo ProGet is affected by CVE-2017-14944, with versions prior to 4.7.14 vulnerable due to improper handling of dangerous package IDs during package addition (PG-1060). The issue is scoped to Inedo ProGet before 4.7.14; exploitation details are not provided in the supplied documents. Remediation...