CVE-2023-52220

Missing Authorization vulnerability in MonsterInsights Google Analytics by Monster Insights.This issue affects Google Analytics by Monster Insights: from n/a through 8.21.0...

WordPress plugin Google Analytics by Monster Insights 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-14484 · Monster Insights · Google Analytics

Name of the Vulnerable Software and Affected Versions: Google Analytics by Monster Insights versions 8.21.0 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects the MonsterInsights Google Analytics plugin by Monster Insights...

Authorization

Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...

CVE-2023-36826 Sentry vulnerable to improper authorization on debug and artifact file downloads

Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...

Atlassian Jira 8.7.0 < 8.13.12 Non-Administrators Able To Configure Replication Settings

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.21.0. It is, therefore, affected by a vulnerability which permits authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken...

Atlassian Jira < 8.20.3 / 8.21.0 XSS (JRASERVER-73069)

The version of Atlassian Jira installed on the remote host is prior to 8.20.3 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73069 advisory. - Stored XSS on /rest/jpo/1.0/hierarchyConfiguration via issueTypes parameter - CVE-2021-43945 CVE-2021-43945 Note...

Cross site request forgery (csrf)

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery CSRF vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions are before version 8.21.0...

Stored XSS on /rest/jpo/1.0/hierarchyConfiguration via issueTypes parameter - CVE-2021-43945

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting SXSS vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are...