
2341 matches found

Patchstack
added 2024/11/08 12:0 a.m., 6 views

WordPress Lewe Bootstrap Visuals Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software: Lewe Bootstrap Visuals; Type: Plugin; Vulnerable versions: <= 2.2.2; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-51810; Patch priority: Low; CVSS severity: Low (6.5); PSID: 57dcf0adb6df; Credits: SOPROBRO; Required privilege...

6.5 CVSS, 6.5 AI score, 0.00374 EPSS
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2024/11/05 2:15 p.m., 12 views

CVE-2024-10329

The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ubegetpagetemplates' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

4.3 CVSS, 0.00403 EPSS
Exploits: 0, References: 3

Cvelist
added 2024/11/05 1:55 p.m., 19 views

CVE-2024-10329 Ultimate Bootstrap Elements for Elementor <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure

The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ubegetpagetemplates' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

4.3 CVSS, 0.00403 EPSS
Exploits: 0, References: 3

Patchstack
added 2024/11/05 3:52 a.m., 2 views

WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated (Contributor+) Sensitive Information Exposure vulnerability discovered by Ankit Patel in WordPress Plugin Ultimate Bootstrap Elements for Elementor versions <= 1.4.6...

4.3 CVSS, 6.9 AI score, 0.00403 EPSS
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2024/11/05 12:0 a.m., 3 views

WordPress plugin Ultimate Bootstrap Elements for Elementor information disclosure vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information...

4.3 CVSS, 7.9 AI score, 0.00403 EPSS
Exploits: 0, References: 3

Amazon
added 2024/10/16 12:0 a.m., 6 views

Medium: aws-cfn-bootstrap

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

5.6 CVSS, 6.9 AI score, 0.0034 EPSS
Exploits: 0

Tenable Nessus
added 2024/10/16 12:0 a.m., 36 views

Amazon Linux 2 : aws-cfn-bootstrap (ALAS-2024-2654)

The version of aws-cfn-bootstrap installed on the remote host is prior to 2.0-31. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2654 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made...

5.6 CVSS, 6.5 AI score, 0.0034 EPSS
Exploits: 0, References: 4

Amazon
added 2024/10/14 12:0 a.m., 2 views

Medium: aws-cfn-bootstrap

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

5.6 CVSS, 7.6 AI score, 0.0034 EPSS
Exploits: 0

Amazon
added 2024/10/14 12:0 a.m., 4 views

Medium: aws-cfn-bootstrap

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

5.6 CVSS, 5.7 AI score, 0.0034 EPSS
Exploits: 0

Tenable Nessus
added 2024/10/14 12:0 a.m., 21 views

Amazon Linux 2023 : aws-cfn-bootstrap (ALAS2023-2024-732)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-732 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the...

5.6 CVSS, 6.3 AI score, 0.0034 EPSS
Exploits: 0, References: 4

OSV
added 2024/09/13 10:15 p.m., 18 views

RHSA-2022:8865 Red Hat Security Advisory: Red Hat OpenStack 16.1.9 (python-XStatic-Bootstrap-SCSS) security update

Bulletin has no description...

6.1 CVSS, 6.4 AI score, 0.1686 EPSS
Exploits: 1, References: 7

OSV
added 2024/09/13 10:15 p.m., 17 views

RHSA-2022:8848 Red Hat Security Advisory: Red Hat OpenStack 16.2.4 (python-XStatic-Bootstrap-SCSS) security update

Bulletin has no description...

6.1 CVSS, 6.4 AI score, 0.1686 EPSS
Exploits: 1, References: 7

OSV
added 2024/09/13 10:11 p.m., 32 views

RHSA-2020:5571 Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update

Bulletin has no description...

6.1 CVSS, 6.5 AI score, 0.1686 EPSS
Exploits: 4, References: 23

NVD
added 2024/09/13 3:15 p.m., 24 views

CVE-2024-6544

The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions up to, and including, 4.4.1. This is due to the plugin utilizing bootstrap and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path...

5.3 CVSS, 0.00385 EPSS
Exploits: 0, References: 2

Cvelist
added 2024/09/13 3:10 p.m., 37 views

CVE-2024-6544 Custom Post Limits <= 4.4.1 - Unauthenticated Full Path Disclosure

The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions up to, and including, 4.4.1. This is due to the plugin utilizing bootstrap and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path...

5.3 CVSS, 0.00385 EPSS
Exploits: 0, References: 2

Veracode
added 2024/09/04 10:37 a.m., 128 views

Cross Site Scripting (XSS)

bootstrap is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by missing validation and sanitization in the href attribute of the tag in the carousel component in the data-slide and data-slide-to attributes. This can enable attackers to execute arbitrary JavaScript within...

6.7 AI score
Exploits: 0, References: 4, Affected Software: 5

Packet Storm
added 2024/08/30 12:0 a.m., 215 views

Webpay E-Commerce 1.0 Directory Traversal

Title: Webpay E-Commerce v1.0 Directory traversal Vulnerability; Author: indoushka; Tested on: windows 10 FrPro / browser: Mozilla firefox...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/26 12:0 a.m., 325 views

Simple College Website 1.0 SQL Injection / Code Execution

Title: Simple College Website 1.0 WYSIWYG Settings Management Vulnerability; Author: indoushka; Tested on: windows 10 FrPro / browser: Mozilla...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/26 12:0 a.m., 208 views

School Log Management System 1.0 SQL Injection / Code Execution

Title: School Log Management System 1.0 WYSIWYG Settings Management Vulnerability; Author: indoushka; Tested on: windows 10 FrPro / browser:...

7.4 AI score
Exploits: 0

The Hacker News
added 2024/08/20 9:36 a.m., 32 views

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster. "An attacker with command execution in a pod runnin...

8.8 CVSS, 9.4 AI score, 0.26014 EPSS
Exploits: 0