10 matches found
The Events Calendar < 6.4.0.1 - Cross-site Scripting
The Events Calendar WordPress plugin 6.4.0.1 contains a stored XSS caused by improper sanitization of user-submitted content when rendering views via AJAX, letting attackers execute scripts in the context of the affected site. Exploitation requires user interaction. id: CVE-2024-4180 info: name:...
EUVD-2003-1480
Malware in sbrugna...
WordPress plugin Events Calendar security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability in the WordPress...
PT-2024-17821 · WordPress · The Events Calendar
Name of the Vulnerable Software and Affected Versions: The Events Calendar WordPress plugin versions prior to 6.4.0.1 The Events Calendar Pro WordPress plugin versions prior to 6.4.0.1 Description: The issue allows users with at least the contributor role to leak details about events they should...
WordPress The Events Calendar PRO Plugin < 6.4.0.1 is vulnerable to Sensitive Data Exposure
Software The Events Calendar PRO Type Plugin Vulnerable versions 6.4.0.1 Fixed in 6.4.0.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-1295 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bc59557889e3 Credits Scott Kingsley Cla...
WordPress The Events Calendar plugin < 6.4.0.1 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Marc Montpas in WordPress Plugin The Events Calendar versions 6.4.0.1...
Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2016-8735, CVE-2016-6816)
Summary There are vulnerabilities CVE-2016-8735, CVE-2016-6816 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2016-8735 DESCRIPTION: Apache Tomcat could allow a remote attacker t...
CVE-2003-1490
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow...
CVE-2003-1490
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow...
SonicWall Pro DoS?
Came across an apparent problem on a SonicWall Pro running firmware version 6.4.0.1 ROM version 5.0.1.0 during a vulnerability assessment and couldn't find any other postings on this problem so fwiw.. the problem occurs when sending a large HTTP POST to the inside interface - may affect others ju...