3642 matches found
CVE-2023-32294
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin = 1.1.6 versions...
CVE-2023-32294
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin = 1.1.6 versions...
CVE-2023-34004
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Box Office plugin = 1.1.50 versions...
CVE-2023-34004
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Box Office plugin = 1.1.50 versions...
CVE-2023-32294
CVE-2023-32294 – Stored XSS in GDPR Cookie Consent Notice Box plugin for WordPress . Affected: Radical Web Design GDPR Cookie Consent Notice Box plugin versions
CVE-2023-34004 WordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Box Office plugin = 1.1.50 versions...
CVE-2023-34004
CVE-2023-34004 affects the WordPress plugin WooCommerce Box Office, specifically versions up to and including 1.1.50. The vulnerability is a Stored Cross-Site Scripting (XSS) that can be triggered by authenticated users with contributor-level permissions. The issue is resolved in version 1.1.51 o...
CVE-2023-34004 WordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Box Office plugin = 1.1.50 versions...
WordPress All-in-One WP Migration Box Extension Plugin <= 1.53 is vulnerable to Broken Access Control
Software All-in-One WP Migration Box Extension Type Plugin Vulnerable versions = 1.53 Fixed in 1.54 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40004 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 2ca675b8186e Credits Rafie...
WordPress plugin WooCommerce Box Office 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-24623 · WordPress · Woocommerce Box Office
Name of the Vulnerable Software and Affected Versions: WooCommerce Box Office plugin versions = 1.1.50 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by authenticated users with contributor or higher permissions. There is ...
Security Bulletin: IBM App Connect Enterprise Certified Container operands that use the Box or Snowflake connectors are vulnerable to arbitrary code execution due to [CVE-2023-37466], [CVE-2023-37903]
Summary Node.js module vm2 is used internally by the Box and Snowflake connectors in Designer flows in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands that run Designer flows...
The Internet Is Turning Into a Data Black Box. An ‘Inspectability API’ Could Crack It Open
Unlike web browsers, mobile apps increasingly make it difficult or impossible to see what companies are really doing with your data. The answer? An inspectability API...
August 22, 2023—KB5029331 (OS Build 19045.3393) Preview
August 22, 2023—KB5029331 OS Build 19045.3393 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...
August 22, 2023—KB5029351 (OS Build 22621.2215) Preview
August 22, 2023—KB5029351 OS Build 22621.2215 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to...
CVE-2023-3601
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor...
CVE-2023-3601
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor...
Information disclosure
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor...
CVE-2023-3601 Simple Author Box < 2.52 - Contributor+ Arbitrary User Information Disclosure via IDOR
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor...
CVE-2023-3601 Simple Author Box < 2.52 - Contributor+ Arbitrary User Information Disclosure via IDOR
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor...