331 matches found
WordPress Plugin Post Meta Data Manager Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Post Meta Data Manager Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5776 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID be22b4c7158e Credits Francesco...
CVE-2023-5426
The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdmwpdeleteusermeta, pmdmwpdeletetermmeta, and pmdmwpajaxdeletemeta functions in versions up to, and including, 1.2.0. This makes it possible for...
Design/Logic Flaw
The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdmwpdeleteusermeta, pmdmwpdeletetermmeta, and pmdmwpajaxdeletemeta functions in versions up to, and including, 1.2.0. This makes it possible for...
CVE-2023-5426
CVE-2023-5426 affects the WordPress plugin Post Meta Data Manager (versions ≤ 1.2.0). A missing capability check in functions pmdm_wp_delete_user_meta, pmdm_wp_delete_term_meta, and pmdm_wp_ajax_delete_meta allows unauthenticated attackers to delete user, term, and post meta belonging to arbitrar...
CVE-2023-5426 Post Meta Data Manager <=1.2.0 - Missing Authorization to User, Term, and Post Meta Deletion
The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdmwpdeleteusermeta, pmdmwpdeletetermmeta, and pmdmwpajaxdeletemeta functions in versions up to, and including, 1.2.0. This makes it possible for...
WordPress plugin Post Meta Data Manager security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Post Meta Data Manager Plugin <= 1.2.0 is vulnerable to Broken Access Control
Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5425 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 1def5cff52bd Credits Francesco Carlucci...
WordPress Post Meta Data Manager Plugin <= 1.2.0 is vulnerable to Broken Access Control
Software Post Meta Data Manager Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5426 Patch priority Medium CVSS severity Medium 7.5 Developer Claim ownership PSID a003d34ca1b2 Credits Francesco Carlucc...
WordPress SLP – Extended Data Manager Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)
Software SLP – Extended Data Manager Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d2e98c75731 Credits Rafie Muhammad...
CVE-2023-2025
OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances...
Dell PowerProtect Data Manager Access Control Error Vulnerability
Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An access control error vulnerability exists in Dell PowerProtect Data Manager version 19.12, 19.11, and 19.10, which...
CVE-2023-28062
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions...
Dell PowerProtect Data Manager 安全漏洞
Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An access control error vulnerability exists in Dell PowerProtect Data Manager version 19.12, 19.11, and 19.10, which...
The vulnerability of the software interface of the Hitachi Energy System Data Manager SDM600, which allows a perpetrator to compromise the confidentiality and integrity of information.
The vulnerability of the software interface of the Hitachi Energy System Data Manager SDM600 lies in deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of information...
The vulnerability of Hitachi Energy System Data Manager SDM600, related to improper cleaning or release of resources, allows a intruder to trigger a service failure.
The vulnerability of Hitachi Energy System Data Manager SDM600 relates to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the application software interface of Hitachi Energy System Data Manager SDM600 allows a malicious actor to read data from the data storage.
The vulnerability of the application software interface of Hitachi Energy System Data Manager SDM600 is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to read data from the data storage...
The vulnerability of Hitachi Energy System Data Manager SDM600, related to the possibility of loading dangerous files, allows a hacker to execute arbitrary code.
The vulnerability of Hitachi Energy System Data Manager SDM600 relates to the ability to load files of a dangerous type. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
SDM600 安全漏洞
ABB SDM600 is a system data manager from ABB Switzerland. A security vulnerability exists in SDM600 versions prior to 1.2.23000.291, which stems from the presence of a service authorization validation vulnerability that can be exploited by an attacker to access sensitive data by reading directly...
SDM600 安全漏洞
ABB SDM600 is a system data manager from ABB Switzerland. A security vulnerability exists in SDM600 versions prior to 1.2.23000.291, which stems from a problem in the endpoint that can be exploited by an attacker to cause an application to become unresponsive by running multiple parallel requests...