Lucene search
K

331 matches found

CVE
CVE
added 2025/03/08 2:24 a.m.50 views

CVE-2024-13835

CVE-2024-13835 affects the WordPress plugin Post Meta Data Manager (

7.2CVSS7.2AI score0.00372EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/03/08 2:19 a.m.3 views

WordPress Post Meta Data Manager plugin <= 1.4.3 - Authenticated (Admin+) Multisite Privilege Escalation vulnerability

Authenticated Admin+ Multisite Privilege Escalation vulnerability discovered by Francesco Carlucci in WordPress Plugin Post Meta Data Manager versions = 1.4.3...

7.2CVSS8.6AI score0.00372EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.3 views

WordPress plugin Post Meta Data Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.2CVSS8.8AI score0.00372EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.4 views

PT-2024-27324 · Dell · Dell Data Manager Appliance

Name of the Vulnerable Software and Affected Versions: Dell Data Manager Appliance Software version 5.16.0.0 Description: The issue is related to an information disclosure vulnerability. A local attacker with high privileges could potentially exploit this, leading to the disclosure of certain use...

4.4CVSS6.5AI score0.00133EPSS
Exploits0References6
CVE
CVE
added 2024/07/02 11:1 a.m.48 views

CVE-2024-6264

CVE-2024-6264 in the WordPress plugin Post Meta Data Manager allows Stored Cross-Site Scripting via the '$meta_key' parameter in versions up to 1.2.3. Exploitation requires Contributor+ auth and occurs on pages with injected scripts; the attacker can cause script execution when users visit those ...

6.4CVSS5.6AI score0.00344EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/07/02 11:1 a.m.20 views

CVE-2024-6264 Post Meta Data Manager <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘$metakey’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00344EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/07/02 2:10 a.m.2 views

WordPress Post Meta Data Manager plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Post Meta Data Manager versions = 1.2.3...

6.4CVSS5.8AI score0.00344EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.4 views

PT-2024-37494 · WordPress · Post Meta Data Manager

Name of the Vulnerable Software and Affected Versions: Post Meta Data Manager plugin for WordPress versions up to, and including, 1.2.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers...

6.4CVSS6.2AI score0.00344EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/07/02 12:0 a.m.8 views

WordPress Post Meta Data Manager Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.3 Fixed in 1.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6264 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a9e96c785e0 Credits Francesco Carlucc...

6.4CVSS5.8AI score0.00344EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.4 views

The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500 allows a intruder to perform arbitrary actions.

The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500 exists due to the lack of measures taken to neutralize the special elements used in the operating system command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

8.3CVSS7.5AI score0.01589EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/06 12:0 a.m.9 views

The software of the centralized backup and disaster recovery system of Dell PowerProtect Data Manager is vulnerable due to a flaw in the mechanism for recovering forgotten passwords. This vulnerability allows an intruder to gain unauthorized access to the application.

The software of the centralized backup and disaster recovery system Dell PowerProtect Data Manager has a vulnerability due to a flaw in the mechanism for recovering forgotten passwords. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the...

10CVSS7.6AI score0.0056EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/16 12:0 a.m.4 views

The software of the centralized backup and disaster recovery system of Dell PowerProtect Data Manager is vulnerable due to the lack of measures to neutralize special elements used in the operating system command set. This vulnerability allows a malicious actor to execute arbitrary commands on the basic operating system.

The software of the centralized backup and disaster recovery system Dell PowerProtect Data Manager is vulnerable because measures are not taken to neutralize the special elements used in the operating system command set. Exploiting this vulnerability could allow a malicious actor to execute any...

9CVSS7.2AI score0.01439EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/05 12:0 a.m.4 views

The software of the centralized backup and disaster recovery management system of Dell PowerProtect Data Manager is vulnerable due to incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to confidential data or cause service failures.

The vulnerability of the Dell PowerProtect Data Manager’s centralized backup and recovery software lies in improper restrictions on XML references to external objects. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential data or cause service failures...

6.8CVSS5.5AI score0.00565EPSS
Exploits0References2
CNVD
CNVD
added 2024/04/01 12:0 a.m.23 views

Dell PowerProtect Data Manager XML External Entity Injection Vulnerability

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. Dell PowerProtect Data Manager suffers from an XML external entity injection vulnerability that can be exploited by...

6.5CVSS6AI score0.00565EPSS
Exploits0References1
OSV
OSV
added 2024/03/28 7:15 p.m.4 views

CVE-2024-25971

Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service...

6.5CVSS5.8AI score0.00565EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/28 6:43 p.m.11 views

CVE-2024-25971

Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service...

5.5CVSS6.8AI score0.00565EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/28 6:43 p.m.18 views

CVE-2024-25971

Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service...

5.5CVSS5.7AI score0.00565EPSS
Exploits0References1
CVE
CVE
added 2024/03/28 6:43 p.m.70 views

CVE-2024-25971

CVE-2024-25971 affects Dell PowerProtect Data Manager, version 19.15. The issue is an XML External Entity Injection that could be exploited remotely by a high-privilege attacker to cause information disclosure and denial of service. Exploitation details are not provided beyond the vendor/product ...

6.5CVSS5.4AI score0.00565EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/28 12:0 a.m.4 views

Dell PowerProtect Data Manager 代码问题漏洞

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. Dell PowerProtect Data Manager suffers from an XML external entity injection vulnerability that can be exploited by...

6.5CVSS6.7AI score0.00565EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.7 views

The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500, caused by buffer overflow in the queue, allows an attacker to trigger an emergency shutdown of the application or execute arbitrary code.

The vulnerability of the microprogramming software of the Dell PowerProtect Data Manager DM5500 backup device is caused by buffer overflow in the queue. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the application to crash or execute arbitrary code...

8.1CVSS8.4AI score0.01047EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder