MINI-8MMV-5932-7PCW

Bulletin has no description...

Oracle Linux 8 : firefox (ELSA-2026-5932)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-5932 advisory. 140.9.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.9.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...

Exploit for Deserialization of Untrusted Data in Givewp

Po...

CVE-2025-5932

creationtimestamp| type| source ---|---|--- 2025-06-26 03:48:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19570 2025-06-26 06:37:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsij7cqqgg2k...

CVE-2020-5932

On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting XSS vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed wh...

CVE-2019-5932

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'...

CVE-2012-5932

Eval injection vulnerability in the ldapagnteval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request...

CVE-2023-5932

creationtimestamp| type| source ---|---|--- 2025-05-16 19:34:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16744...

WordPress Travelpayouts plugin < 1.1.14 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Travelpayouts versions 1.1.14...

CVE-2023-5932

The Travelpayouts: All Travel Brands in One Place WordPress plugin before 1.1.14 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-5932 Travelpayouts < 1.1.14 - Reflected XSS

The Travelpayouts: All Travel Brands in One Place WordPress plugin before 1.1.14 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-5932

The CVE-2023-5932 issue concerns the WordPress plugin Travelpayouts: All Travel Brands in One Place, affected in versions prior to 1.1.14. The root cause is that a parameter is not properly sanitized/escaped before being echoed back in the page, enabling a Reflected Cross-Site Scripting (XSS) att...

VulnCheck KEV: CVE-2024-5932

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a...

WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution Exploit

The GiveWP Donation plugin and Fundraising Platform plugin for WordPress in all versions up to and including 3.14.1 is vulnerable to a PHP object injection POI flaw granting an unauthenticated attacker arbitrary code execution. This module requires Metasploit: https://metasploit.com/download...

WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GiveWP Unauthenticated Donation Process Exploit', 'Description' = %q The GiveWP Donation Plugin and Fundraising Platform plugin for WordPress in...

Exploit for Deserialization of Untrusted Data in Givewp

This post is a research article published by EQSTLabhttps://g...

Exploit for Deserialization of Untrusted Data in Givewp

Proof-Of-Concept Code for CVE-2024-8353 This repository conta...

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 CVSS score: 10.0, impacts all versions of the plugin prior to version 3.14.2,...

CVE-2024-5932

creationtimestamp| type| source ---|---|--- 2024-08-20 04:34:57+00:00| seen| https://t.me/cvedetector/3590 2024-08-20 13:04:10+00:00| published-proof-of-concept| https://t.me/HackingInsights/10628 2024-08-20 18:01:05+00:00| seen| https://t.me/truesecator/6114 2024-08-21 07:42:25+00:00|...

CVE-2024-5932

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a PHP...