449 matches found
CVE-2023-41688 WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in madfishdigital Bulk NoIndex & NoFollow Toolkit bulk-noindex-nofollow-toolkit-by-mad-fish allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through = 1.5...
CVE-2023-41688 WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5...
PT-2024-12956 · Mad Fish Digital · Bulk Noindex & Nofollow Toolkit
Name of the Vulnerable Software and Affected Versions: Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions 1.42 and earlier Bulk NoIndex & NoFollow Toolkit plugin version 1.42 Description: The issue affects the Bulk NoIndex & NoFollow Toolkit plugin due to a Missing Authorization...
CVE-2024-9237 Fish and Ships <= 1.5.9 - Reflected Cross-Site Scripting
The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-9237 Fish and Ships <= 1.5.9 - Reflected Cross-Site Scripting
The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for...
WordPress Fish and Ships plugin <= 1.5.9 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Fish and Ships versions = 1.5.9...
WordPress plugin Fish and Ships 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Fish and Ships Plugin <= 1.5.9 is vulnerable to Cross Site Scripting (XSS)
Software Fish and Ships Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9237 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7e6c47fc694c Credits vgo0 Required privile...
Malicious code in npm-evil-fish (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b5422630a80e283b7ae938687b04a988bee70b5c8b137520d4aaca5af1b979c3 The OpenSSF Package Analysis project identified 'npm-evil-fish' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-8944 Malicious code in npm-evil-fish (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b5422630a80e283b7ae938687b04a988bee70b5c8b137520d4aaca5af1b979c3 The OpenSSF Package Analysis project identified 'npm-evil-fish' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Friday Squid Blog: The Market for Squid Oil Is Growing
How did I not know before now that there was a market for squid oil? The squid oil market has experienced robust growth in recent years, expanding from $4.56 billion in 2023 to $4.94 billion in 2024 at a compound annual growth rate CAGR of 8.5%. The growth in the historic period can be attributed...
CVE-2024-42482 fish-shop/syntax-check Improper Neutralization of Delimiters
fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the pattern input specifically the command separator ; and command substitution characters and mean that arbitrary command injection is possible by modification of the input...
CVE-2024-42482 fish-shop/syntax-check Improper Neutralization of Delimiters
fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the pattern input specifically the command separator ; and command substitution characters and mean that arbitrary command injection is possible by modification of the input...
CVE-2024-42482 fish-shop/syntax-check Improper Neutralization of Delimiters
fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the pattern input specifically the command separator ; and command substitution characters and mean that arbitrary command injection is possible by modification of the input...
PT-2024-29979 · Fish Shop · Syntax-Check
Name of the Vulnerable Software and Affected Versions: fish-shop/syntax-check versions prior to v1.6.12 fish-shop/syntax-check versions prior to v2.0.0 Description: The issue is related to improper neutralization of delimiters in the pattern input, specifically the command separator ; and command...
OPENSUSE-SU-2024:10348-1 fish-2.4.0-1.1 on GA media
These are all security issues fixed in the fish-2.4.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11936-1 fish-3.4.0-1.1 on GA media
These are all security issues fixed in the fish-3.4.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13501-1 fish-3.6.4-1.1 on GA media
These are all security issues fixed in the fish-3.6.4-1.1 package on the GA media of openSUSE Tumbleweed...
Online Privacy and Overfishing
Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions werent about how hackers were using the tools that was utterly predictable, but about how Microsoft figured it out. The natural conclusion wa...
colmansfishandchips.co.uk Cross Site Scripting vulnerability OBB-3898946
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...