WordPress PeepSo Core: File Uploads plugin <= 6.4.6.0 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via file_download vulnerability

Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via filedownload vulnerability discovered by Bikram Kharal in WordPress Plugin PeepSo Core: File Uploads versions = 6.4.6.0...

WordPress Community by PeepSo plugin <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Bikram Kharal in WordPress Plugin Community by PeepSo versions = 6.4.6.1...

CVE-2023-33333

Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting XSS.This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1...

PT-2023-24302 · Really Simple Plugins · Really Simple Plugins Complianz Premium +1

Name of the Vulnerable Software and Affected Versions: Really Simple Plugins Complianz versions through 6.4.4 Really Simple Plugins Complianz Premium versions through 6.4.6.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that also allows Cross-Site Scripting XSS in...

Webcache Poisoning in shopware/platform and shopware/core

Impact Webcache Poisoning via X-Forwarded-Prefix and sub-request Patches We recommend updating to the current version 6.4.6.1. You can get the update to 6.4.6.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For...