Lucene search
K

449 matches found

Vulnrichment
Vulnrichment
added 2024/12/13 2:24 p.m.7 views

CVE-2023-41688 WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in madfishdigital Bulk NoIndex & NoFollow Toolkit bulk-noindex-nofollow-toolkit-by-mad-fish allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through = 1.5...

5.4CVSS7.3AI score0.00452EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:24 p.m.18 views

CVE-2023-41688 WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5...

5.4CVSS0.00452EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.4 views

PT-2024-12956 · Mad Fish Digital · Bulk Noindex & Nofollow Toolkit

Name of the Vulnerable Software and Affected Versions: Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions 1.42 and earlier Bulk NoIndex & NoFollow Toolkit plugin version 1.42 Description: The issue affects the Bulk NoIndex & NoFollow Toolkit plugin due to a Missing Authorization...

5.4CVSS9.6AI score0.00452EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/10/04 2:32 a.m.15 views

CVE-2024-9237 Fish and Ships <= 1.5.9 - Reflected Cross-Site Scripting

The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for...

6.1CVSS0.00363EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/04 2:32 a.m.11 views

CVE-2024-9237 Fish and Ships <= 1.5.9 - Reflected Cross-Site Scripting

The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for...

6.1CVSS6.4AI score0.00363EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/10/04 1:21 a.m.3 views

WordPress Fish and Ships plugin <= 1.5.9 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Fish and Ships versions = 1.5.9...

6.1CVSS6.3AI score0.00363EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/04 12:0 a.m.4 views

WordPress plugin Fish and Ships 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.1CVSS6.2AI score0.00363EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.10 views

WordPress Fish and Ships Plugin <= 1.5.9 is vulnerable to Cross Site Scripting (XSS)

Software Fish and Ships Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9237 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7e6c47fc694c Credits vgo0 Required privile...

6.1CVSS5.9AI score0.00363EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/20 12:55 a.m.2 views

Malicious code in npm-evil-fish (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b5422630a80e283b7ae938687b04a988bee70b5c8b137520d4aaca5af1b979c3 The OpenSSF Package Analysis project identified 'npm-evil-fish' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.2AI score
Exploits0
OSV
OSV
added 2024/09/20 12:55 a.m.3 views

MAL-2024-8944 Malicious code in npm-evil-fish (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b5422630a80e283b7ae938687b04a988bee70b5c8b137520d4aaca5af1b979c3 The OpenSSF Package Analysis project identified 'npm-evil-fish' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/08/16 9:6 p.m.8 views

Friday Squid Blog: The Market for Squid Oil Is Growing

How did I not know before now that there was a market for squid oil? The squid oil market has experienced robust growth in recent years, expanding from $4.56 billion in 2023 to $4.94 billion in 2024 at a compound annual growth rate CAGR of 8.5%. The growth in the historic period can be attributed...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/08/12 3:35 p.m.16 views

CVE-2024-42482 fish-shop/syntax-check Improper Neutralization of Delimiters

fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the pattern input specifically the command separator ; and command substitution characters and mean that arbitrary command injection is possible by modification of the input...

4.8CVSS7.3AI score0.00821EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/12 3:35 p.m.37 views

CVE-2024-42482 fish-shop/syntax-check Improper Neutralization of Delimiters

fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the pattern input specifically the command separator ; and command substitution characters and mean that arbitrary command injection is possible by modification of the input...

4.8CVSS0.00821EPSS
Exploits0References3
OSV
OSV
added 2024/08/12 3:35 p.m.23 views

CVE-2024-42482 fish-shop/syntax-check Improper Neutralization of Delimiters

fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the pattern input specifically the command separator ; and command substitution characters and mean that arbitrary command injection is possible by modification of the input...

4.8CVSS7.2AI score0.00821EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.11 views

PT-2024-29979 · Fish Shop · Syntax-Check

Name of the Vulnerable Software and Affected Versions: fish-shop/syntax-check versions prior to v1.6.12 fish-shop/syntax-check versions prior to v2.0.0 Description: The issue is related to improper neutralization of delimiters in the pattern input, specifically the command separator ; and command...

6.9CVSS7.2AI score0.00821EPSS
Exploits0References11
OSV
OSV
added 2024/06/15 12:0 a.m.8 views

OPENSUSE-SU-2024:10348-1 fish-2.4.0-1.1 on GA media

These are all security issues fixed in the fish-2.4.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS8.3AI score0.0319EPSS
Exploits0References5
OSV
OSV
added 2024/06/15 12:0 a.m.6 views

OPENSUSE-SU-2024:11936-1 fish-3.4.0-1.1 on GA media

These are all security issues fixed in the fish-3.4.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.8CVSS7.7AI score0.01417EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.8 views

OPENSUSE-SU-2024:13501-1 fish-3.6.4-1.1 on GA media

These are all security issues fixed in the fish-3.6.4-1.1 package on the GA media of openSUSE Tumbleweed...

6.6CVSS5.3AI score0.00475EPSS
Exploits1References1
Schneier on Security
Schneier on Security
added 2024/06/05 11:0 a.m.24 views

Online Privacy and Overfishing

Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions werent about how hackers were using the tools that was utterly predictable, but about how Microsoft figured it out. The natural conclusion wa...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/03 4:11 p.m.10 views

colmansfishandchips.co.uk Cross Site Scripting vulnerability OBB-3898946

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder