67 matches found
EUVD-2024-48316
Malicious code in bioql PyPI...
EUVD-2024-48317
Malicious code in bioql PyPI...
EUVD-2024-28158
Malicious code in bioql PyPI...
CVE-2024-7381
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajaxshortcodecache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary...
CVE-2024-7380
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-30451
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in INFINITUM FORM Geo Controller allows Stored XSS.This issue affects Geo Controller: from n/a through 8.6.4...
CVE-2024-30227
Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue affects Geo Controller: from n/a through 8.6.4...
CVE-2024-7381
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajaxshortcodecache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary...
CVE-2024-7381
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajaxshortcodecache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary...
CVE-2024-7380
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.6.9. This makes it possible for authenticated attackers, with...
CVE-2024-7380
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-7381 Geo Controller <= 8.6.9 - Missing Authorization to Unauthenticated Shortcode Execution
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajaxshortcodecache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary...
CVE-2024-7381
CVE-2024-7381 : The WordPress plugin Geo Controller is vulnerable to unauthenticated shortcode execution due to missing authorization and capability checks on the ajax__shortcode_cache function in all versions up to and including 8.6.9. This allows unauthenticated attackers to execute arbitrary s...
CVE-2024-7381 Geo Controller <= 8.6.9 - Missing Authorization to Unauthenticated Shortcode Execution
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajaxshortcodecache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary...
CVE-2024-7380 Geo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-7380 Geo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-7380
CVE-2024-7380 — Geo Controller (WordPress) security issue : The Geo Controller plugin (WordPress) up to and including version 8.6.9 is vulnerable to unauthorized menu creation/deletion due to missing capability checks in ajax__geolocate_menu and ajax__geolocate_remove_menu. Affected product: Geo ...
WordPress Geo Controller plugin <= 8.7.3 - Multiple Missing Authorization vulnerability
Multiple Missing Authorization vulnerability discovered by Lucio Sá in WordPress Plugin Geo Controller versions = 8.7.3...
PT-2024-38310 · WordPress · Geo Controller
Name of the Vulnerable Software and Affected Versions: Geo Controller plugin for WordPress versions up to, and including, 8.6.9 Description: The issue arises from missing capability checks on the ajax geolocate menu and ajax geolocate remove menu functions, allowing authenticated attackers with...
WordPress plugin Geo Controller 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...