2 matches found
WordPress Alt Text Generator AI plugin <= 1.8.3 - Missing Authorization to Authenticated (Subscriber+) API Key Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ API Key Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Alt Text Generator AI versions = 1.8.3...
DEBIAN-CVE-2022-24775
guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...