437 matches found
The vulnerability of the nft_mapelem_deactivate() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the nftmapelemdeactivate function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux operating system is related to improper memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
kernel: leds: trigger: Unregister sysfs attributes before calling deactivate()
leds in linux kernel permits calling sysfs attributes show/store functions after deactivate has been called...
SUSE CVE-2024-58061
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARNON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugf...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail: run-tests.sh testcases/sets/0044intervaloverlap0 Expected: 0-2 . 0-3, got: W: FAILED ./testcases/sets/0044intervaloverlap0: got 1 Insertion...
CVE-2023-52925
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail: run-tests.sh testcases/sets/0044intervaloverlap0 Expected: 0-2 . 0-3, got: W: FAILED ./testcases/sets/0044intervaloverlap0: got 1 Insertion...
CVE-2024-13651
The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...
WordPress plugin RapidLoad 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-12006
CVE-2024-12006 concerns the W3 Total Cache WordPress plugin. The Red Hat advisory confirms the root cause: a missing capability check in multiple functions, affecting all versions up to and including 2.8.1. This flaw allows unauthenticated users to modify data by deactivating the plugin and by ac...
CVE-2024-12855
The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sbremovead' in all versions up to, and including, 5.1.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...
CVE-2023-46188
Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3...
CVE-2023-46188 WordPress Freesoul Deactivate Plugins plugin <= 2.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3...
CVE-2023-46188 WordPress Freesoul Deactivate Plugins plugin <= 2.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3...
WordPress plugin Freesoul Deactivate Plugins 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-1505 · Unknown · Freesoul Deactivate Plugins
Name of the Vulnerable Software and Affected Versions: Freesoul Deactivate Plugins – Plugin manager and cleanup versions 2.1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Thi...
CVE-2024-11713
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'pageid' parameter of the wpjobportaldeactivate function in all versions up to, and including, 2.2.2 due to insufficient escaping on the user supplied...
WordPress plugin WP Job Portal SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
PT-2024-17203 · WordPress · Wp Job Portal
Name of the Vulnerable Software and Affected Versions: WP Job Portal plugin for WordPress versions up to, and including, 2.2.2 Description: The issue is related to SQL Injection via the page id parameter of the wpjobportal deactivate function due to insufficient escaping on the user-supplied...
PT-2024-16598 · WordPress · The Popup Box – Create Countdown
Name of the Vulnerable Software and Affected Versions: The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress versions up to, and including, 4.9.7 Description: The issue is related to a missing capability check on the deactivate plugin option function, which...
WordPress plugin Styler for Ninja Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Styler for Ninja Forms plugin <= 3.3.4 - Authenticated (Subscriber+) Arbitrary Option Deletion via deactivate_license vulnerability
Authenticated Subscriber+ Arbitrary Option Deletion via deactivatelicense vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Styler for Ninja Forms versions = 3.3.4...