331 matches found
CVE-2024-13835
CVE-2024-13835 affects the WordPress plugin Post Meta Data Manager (
WordPress Post Meta Data Manager plugin <= 1.4.3 - Authenticated (Admin+) Multisite Privilege Escalation vulnerability
Authenticated Admin+ Multisite Privilege Escalation vulnerability discovered by Francesco Carlucci in WordPress Plugin Post Meta Data Manager versions = 1.4.3...
WordPress plugin Post Meta Data Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-27324 · Dell · Dell Data Manager Appliance
Name of the Vulnerable Software and Affected Versions: Dell Data Manager Appliance Software version 5.16.0.0 Description: The issue is related to an information disclosure vulnerability. A local attacker with high privileges could potentially exploit this, leading to the disclosure of certain use...
CVE-2024-6264
CVE-2024-6264 in the WordPress plugin Post Meta Data Manager allows Stored Cross-Site Scripting via the '$meta_key' parameter in versions up to 1.2.3. Exploitation requires Contributor+ auth and occurs on pages with injected scripts; the attacker can cause script execution when users visit those ...
CVE-2024-6264 Post Meta Data Manager <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘$metakey’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Post Meta Data Manager plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Post Meta Data Manager versions = 1.2.3...
PT-2024-37494 · WordPress · Post Meta Data Manager
Name of the Vulnerable Software and Affected Versions: Post Meta Data Manager plugin for WordPress versions up to, and including, 1.2.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers...
WordPress Post Meta Data Manager Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.3 Fixed in 1.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6264 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a9e96c785e0 Credits Francesco Carlucc...
The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500 allows a intruder to perform arbitrary actions.
The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500 exists due to the lack of measures taken to neutralize the special elements used in the operating system command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The software of the centralized backup and disaster recovery system of Dell PowerProtect Data Manager is vulnerable due to a flaw in the mechanism for recovering forgotten passwords. This vulnerability allows an intruder to gain unauthorized access to the application.
The software of the centralized backup and disaster recovery system Dell PowerProtect Data Manager has a vulnerability due to a flaw in the mechanism for recovering forgotten passwords. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the...
The software of the centralized backup and disaster recovery system of Dell PowerProtect Data Manager is vulnerable due to the lack of measures to neutralize special elements used in the operating system command set. This vulnerability allows a malicious actor to execute arbitrary commands on the basic operating system.
The software of the centralized backup and disaster recovery system Dell PowerProtect Data Manager is vulnerable because measures are not taken to neutralize the special elements used in the operating system command set. Exploiting this vulnerability could allow a malicious actor to execute any...
The software of the centralized backup and disaster recovery management system of Dell PowerProtect Data Manager is vulnerable due to incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to confidential data or cause service failures.
The vulnerability of the Dell PowerProtect Data Manager’s centralized backup and recovery software lies in improper restrictions on XML references to external objects. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential data or cause service failures...
Dell PowerProtect Data Manager XML External Entity Injection Vulnerability
Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. Dell PowerProtect Data Manager suffers from an XML external entity injection vulnerability that can be exploited by...
CVE-2024-25971
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service...
CVE-2024-25971
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service...
CVE-2024-25971
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service...
CVE-2024-25971
CVE-2024-25971 affects Dell PowerProtect Data Manager, version 19.15. The issue is an XML External Entity Injection that could be exploited remotely by a high-privilege attacker to cause information disclosure and denial of service. Exploitation details are not provided beyond the vendor/product ...
Dell PowerProtect Data Manager 代码问题漏洞
Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. Dell PowerProtect Data Manager suffers from an XML external entity injection vulnerability that can be exploited by...
The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500, caused by buffer overflow in the queue, allows an attacker to trigger an emergency shutdown of the application or execute arbitrary code.
The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500 backup device is caused by buffer overflow in the queue. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the application to crash or execute arbitrary code...