16 matches found
PT-2026-44045
Name of the Vulnerable Software and Affected Versions: The Post Grid versions prior to 7.9.3 Description: A missing authorization issue allows for the exploitation of incorrectly configured access control security levels. Recommendations: Update to a version newer than 7.9.2...
PT-2026-4260
Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Grid: from n/a through 2.8.0...
EUVD-2020-1346
Malware in sbrugna...
EUVD-2025-30543
Malicious code in bioql PyPI...
EUVD-2023-0237
Malicious code in bioql PyPI...
WordPress plugin Featured Image Thumbnail Grid Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-9636 Post Grid and Gutenberg Blocks 2.2.85 - 2.3.3 - Unauthenticated Privilege Escalation
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register...
5p-buyform (>=0.0.1 <=0.0.4), 5paisa-tradingview-webhook (>=0.0.1 <=0.0.2) +586 more potentially affected by CVE-2024-39001 via ag-grid-community (>=19.0.0 <=31.3.2)
ag-grid-community NPM version =19.0.0, =0.0.1, =0.0.1, =0.0.4, =0.0.1, =0.1.1, =14.3.14, =0.0.15, =0.1.43--canary.7d2bdde.0, =0.0.1, =0.1.46, =0.0.0-6.1-rc-20220114175111, =4.4.1-alpha.8, =1.1.0, =0.1.4, =0.2.7 and more Source cves: CVE-2024-39001 Source advisory: OSV:GHSA-328P-362G-R48J...
PT-2024-24542 · WordPress · Post Grid
Name of the Vulnerable Software and Affected Versions: The Post Grid Gutenberg Blocks and WordPress Blog Plugin versions prior to 4.0.2 Description: The issue arises from the plugin's failure to validate and escape some of its block options before outputting them back in a page or post where the...
Xibo Security Vulnerability
Xibo is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo CMS that stems from the ability to perform session hijacking via cross-site scripting (XSS) attacks in the header and session grid...
Webkul krayin crm Cross-Site Scripting Vulnerability
Webkul krayin crm is a free and open source CRM solution for small and medium-sized businesses from Webkul India. A cross-site scripting vulnerability exists in Webkul krayin crm versions prior to 1.2.2, which stems from an XSS vulnerability in datagrid...
4 lessons to be learned from the DOE’s DDoS attack
Analysts, researchers, industry professionals, and pundits alike have all posited the dangers of the next-generation “smart grid,” particularly when it comes to cybersecurity. They warn that without the right measures in place, unscrupulous parties could essentially wreak havoc on the bulk of...
Safeguarding the Nation’s Critical Infrastructure
In May of 1998, President Clinton issued Presidential Decision Directive 63: Protecting America’s Critical Infrastructures. This Directive proposed steps to enact the recommendations of the President’s Commission on Critical Infrastructure Protection, published in October 1997. Twenty years on, h...
Oracle PeopleSoft Enterprise PeopleTools Unauthorized Operation Vulnerability (CNVD-2017-28379)
Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation, and PeopleSoft Enterprise PeopleTools is one of the tools and technology components that transforms the way organizations manage, use, and maintain their PeopleSoft software. PeopleSoft...
Magento Community Edition and Enterprise Edition SQL Injection Vulnerabilities
Magento is a professional open-source PHP e-commerce system from Magento, which provides rights management, search engine and payment gateway, etc. Magento Community Edition (CE) is a community edition. Magento Enterprise Edition (EE) is an enterprise edition. A SQL injection vulnerability exists in t...
Electromagnetic Pulse Attacks : Are we prepared ?
An electromagnetic pulse (EMP) attack is a threat few Americans are familiar with, yet one which could easily destroy their lives. What would you do if your electricity suddenly went out and didn't come back on for months or even years? How long would you last with the food in your pantry, the...