1037 matches found
WordPress plugin Print Labels with Barcodes security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-18213 · WordPress · Print Labels With Barcodes
Name of the Vulnerable Software and Affected Versions: The Print Labels with Barcodes plugin for WordPress versions up to, and including, 3.4.6 Description: The issue allows for unauthorized access, modification, and loss of data due to an improper capability check on 42 separate AJAX functions...
WordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.6 - Improper Authorization vulnerability
Improper Authorization vulnerability discovered by Lucio Sá in WordPress Plugin Print Barcode Labels for your WooCommerce products/orders versions <= 3.4.6...
WordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Templates vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting via Templates vulnerability discovered by Lucio Sá in WordPress Plugin Print Barcode Labels for your WooCommerce products/orders versions <= 3.4.6...
WordPress Print Barcode Labels for your WooCommerce products/orders Plugin <= 3.4.6 is vulnerable to Broken Access Control
Software: Print Barcode Labels for your WooCommerce products/orders; Type: Plugin; Vulnerable versions: <= 3.4.6; Fixed in: 3.4.7; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1677; Patch priority: Medium; CVSS severity: Medium 6.3; Developer: Claim ownership; PSID...
WordPress Print Barcode Labels for your WooCommerce products/orders Plugin <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)
Software: Print Barcode Labels for your WooCommerce products/orders; Type: Plugin; Vulnerable versions: <= 3.4.6; Fixed in: 3.4.7; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-1679; Patch priority: Medium; CVSS severity: Medium 6.5; Developer: Claim ownership; PS...
Print Labels with Barcodes < 3.4.7 - Subscriber+ Stored XSS
Description: The plugin is vulnerable to Stored Cross-Site Scripting via the template and javascript label fields due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber access and above, to inject arbitrary web scripts in pag...
python-django: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator
A regular expression denial of service vulnerability has been found in Django. Email and URL validators are vulnerable to this flaw when processing a very large number of domain name labels of emails and URLs...
SUSE CVE-2024-23076
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been...
CVE-2024-29220
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the website using the product...
PT-2024-22818 · Unknown · Ninja Forms
Name of the Vulnerable Software and Affected Versions: Ninja Forms versions prior to 3.8.1 Description: The issue is related to a cross-site scripting vulnerability in custom fields for labels. If exploited, an arbitrary script may be executed on the web browser of the user accessing the website...
WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.4.2 - Missing Authorization to Unauthenticated Settings Reset vulnerability
Missing Authorization to Unauthenticated Settings Reset vulnerability discovered by Krzysztof Zając in WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels versions <= 4.4.2...
CVE-2024-28867
Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies un-sanitized string values into metric names or labels, an attacker could make use of this and send a ?lang query parameter containing newlines, or similar...
CVE-2024-28867 Swift Prometheus un-sanitized metric name or labels can be used to take over exported metrics
Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies un-sanitized string values into metric names or labels, an attacker could make use of this and send a ?lang query parameter containing newlines, or similar...
ROS-20240329-20
A vulnerability in the virNWFilterObjListNumOfNWFilters method of the Libvirt virtualization management library is due to insufficient blocking. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service. Vulnerability in virStoragePoolLookupByTargetPath API...
Prometheus security vulnerability
Prometheus is open source software written in the Go language for recording real-time metrics from time series databases built using the HTTP pull model. A security vulnerability exists in versions prior to Swift Prometheus 2.0.0-alpha.2 that stems from applying uncleaned string values to the cod...
CVE-2024-22288
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS. This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping...