50 matches found
CVE-2026-5347 WP Books Gallery <= 4.8.0 - Missing Authorization to Unauthenticated Settings Update via 'permalink_structure' Parameter
The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at lines 205-209 of wp-books-gallery.php...
CVE-2025-5347
creationtimestamp | type | source
---|---|---
2025-10-30 15:43:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4gcisspqn2q...
CVE-2025-5347
Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Site Scripting in the reports module...
ECHO-EFE4-3A95-5347
Bulletin has no description...
CVE-2024-5347
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'arrow' attribute within the plugin's Post Navigation widget in all versions up to, and including, 3.10.9 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-5347 Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'arrow' attribute within the plugin's Post Navigation widget in all versions up to, and including, 3.10.9 due to insufficient input sanitization and output escaping on user supplied attributes...
WordPress Happy Addons for Elementor Plugin <= 3.10.9 is vulnerable to Cross Site Scripting (XSS)
Software: Happy Addons for Elementor
Type: Plugin
Vulnerable versions: <= 3.10.9
Fixed in: 3.11.0
OWASP Top 10: A7: Cross-Site Scripting XSS
Classification: Cross Site Scripting XSS
CVE: CVE-2024-5347
Patch priority: Low
CVSS severity: Low 6.5
Developer: Leevio
PSID: ebc3fed24a0c
Credits: wesley wcraft
Requir...
CVE-2023-5347
creationtimestamp | type | source
---|---|---
2024-01-16 19:16:48+00:00 | seen | https://t.me/ctinow/168962
2024-01-17 18:40:36+00:00 | seen | https://t.me/CyberSecurityTechnologies/9800
2024-01-26 09:06:23+00:00 | seen | https://t.me/ctinow/174063
2024-08-16 09:09:02+00:00 | seen | https://t.me/Rootsec2/2...
Korenix JetNet Series Unauthenticated Access Exploit
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| Korenix JetNet Series
vulnerable version| See "Vulnerable versions"
fixed version| -
CVE number| CVE-2023-5376, CVE-2023-5347
impact| High
homepage| https://www.korenix.com/...
Korenix JetNet Series Unauthenticated Access
CyberDanube Security Research 20240109-0
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| Korenix JetNet Series
vulnerable version| See "Vulnerable versions"
fixed version| -
CVE number| CVE-2023-5376, CVE-2023-5347
impact|...
CVE-2023-5347
CVE-2023-5347 describes an improper verification of cryptographic signatures in the update process of Korenix JetNet Series. The vulnerability allows replacing the entire operating system, including trusted executables, on JetNet devices older than firmware version 2024/01. The impact is high (fu...
CVE-2023-5347 Unauthenticated Firmware Upgrade
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01...
CVE-2023-5347 Unauthenticated Firmware Upgrade
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01...
SUSE CVE-2008-5347
Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages...
Ubuntu 18.04 LTS / 20.04 LTS : OpenVPN vulnerability (USN-5347-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5347-1 advisory. It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use...
CVE-2020-5347
Summary (CVE-2020-5347) Dell EMC Isilon OneFS versions 8.2.2 and earlier are affected by a denial-of-service condition in the SmartConnect DNS component. The issue arises from an error condition that may loop, consuming CPU and potentially preventing other SmartConnect DNS responses. The CVSS3.1 ...
CVE-2019-5347
A remote authentication bypass vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09...
CVE-2019-5347
HPE Intelligent Management Center (IMC) PLAT contains a remote authentication bypass in the UrlAccessController servlet, affecting versions earlier than 7.3 E0506P09. The vulnerability allows remote attackers to bypass authentication and perform unauthorized operations. The available sources cons...
CVE-2019-5347
A remote authentication bypass vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09...
Seagate Personal Cloud Multiple Vulnerabilities (CVE-2018-5347)
Vulnerabilities summary
The following advisory describes two (2) unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is “the easiest way to store, organize, stream and share all your music, movies, photos, and important documents.”
Credit
An independent...