CVE-2024-9657

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output...

PT-2024-39899 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.10.2 Description: The issue is related to Stored Cross-Site Scripting via the marker content parameter in the 'Open Map Widget'. This is due to insufficie...

[SECURITY] Fedora 40 Update: junit5-5.10.2-3.fc40

JUnit is a popular regression testing framework for Java platform...

Vulnerabilities fixed in ForgeRock Web Agents and Java Agents

ForgeRock has fixed vulnerabilities in Web Agents and Java Agents. An unauthenticated remote malicious agent could potentially exploit the vulnerabilities potentially exploit them to bypass authentication, gain access to sensitive data or execute arbitrary code execute arbitrary code. ForgeRock h...

WordPress Better Click To Tweet plugin <= 5.10.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered in WordPress Better Click To Tweet plugin versions = 5.10.1. Solution Update the WordPress Better Click To Tweet plugin to the latest available version at least 5.10.2...

CloudLinux Imunify360 代码问题漏洞

CloudLinux Imunify360 is a comprehensive security platform for web hosting servers from CloudLinux USA. CloudLinux Imunify360 version 5.10.2 A security vulnerability exists in the Ai-Bolit feature that stems from a php deserialization vulnerability in the Ai-Bolit feature. A specially crafted fil...

Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS

The plugin allows users with Contributor roles to perform stored XSS via shortcode attributes. Note: the plugin is inconsistent in its handling of shortcode attributes; some do escape, most don't, and there are even some attributes that are insecure by design like subutton's onclick attribute...

TIBCO Security Advisory: April 20, 2021 - TIBCO Administrator - Enterprise Edition -2021-28828

TIBCO Administrator SQL injection vulnerability Original release date: April 20,2021 Last revised: CVE-2021-28828 Source: TIBCO Software Inc. Products Affected TIBCO Administrator - Enterprise Edition versions 5.10.2 and below TIBCO Administrator - Enterprise Edition versions 5.11.0 and 5.11.1...

Snapview Mikogo Privilege Vulnerability

Snapview Mikogo is a suite of screen sharing and online meeting software. An elevation of privilege vulnerability exists in Snapview Mikogo versions prior to 5.10.2 Windows. A local attacker can exploit this vulnerability to elevate privileges...

CVE-2019-12731

The Windows versions of Snapview Mikogo, versions before 5.10.2 are affected by insecure implementations which allow local attackers to escalate privileges...

WordPress 2by2host Widget Logic Plugin Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. 2by2host Widget Logic plugin is a web widget control plugin used in it. A cross-site request forgery vulnerability exists in the...

[SECURITY] Fedora 16 Update: pl-5.10.2-9.fc16

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...