28 matches found
EUVD-2024-40081
Malicious code in bioql PyPI...
EUVD-2024-32570
Malicious code in bioql PyPI...
EUVD-2024-29784
Malicious code in bioql PyPI...
CVE-2024-43154
Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9...
CVE-2024-31926
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BracketSpace Advanced Cron Manager – debug & control allows Stored XSS.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.2...
CVE-2021-25084
The Advanced Cron Manager WordPress plugin before 2.4.2 and Advanced Cron Manager Pro WordPress plugin before 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authenticated users, such as subscriber to call them and add or remove events as well as schedules for...
CVE-2024-4004
The Advanced Cron Manager WordPress plugin before 2.5.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-4004
The Advanced Cron Manager WordPress plugin before 2.5.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-4004 Advanced Cron Manager < 2.5.7 - Admin+ Stored XSS
The Advanced Cron Manager WordPress plugin before 2.5.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-4004
The CVE pertains to the WordPress plugin Advanced Cron Manager . Versions prior to 2.5.7 are affected due to insufficient sanitisation/escaping of certain settings, enabling a Stored XSS by high-privilege users (e.g., admins) even when the unfiltered_html capability is disallowed (such as in mult...
CVE-2024-4004 Advanced Cron Manager < 2.5.7 - Admin+ Stored XSS
The Advanced Cron Manager WordPress plugin before 2.5.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress plugin Advanced Cron Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-43154
Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9...
CVE-2024-43154
Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9...
CVE-2024-43154 WordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9...
CVE-2024-43154 WordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9...
CVE-2024-43154
CVE-2024-43154 is a Missing Authorization (broken access control) vulnerability in BracketSpace Advanced Cron Manager for WordPress, affecting debug & control up to version 2.5.9. Public sources indicate this plugin allows unauthorized access due to misconfigured access controls. Remediation from...
PT-2024-30345 · Bracketspace · Advanced Cron Manager
Name of the Vulnerable Software and Affected Versions: Advanced Cron Manager versions prior to 2.5.10 Description: The issue is related to a Missing Authorization vulnerability in BracketSpace Advanced Cron Manager, allowing exploitation of incorrectly configured access control security levels...
WordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Advanced Cron Manager – debug & control versions = 2.5.9...
CVE-2024-31926
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BracketSpace Advanced Cron Manager – debug & control allows Stored XSS.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.2...