PT-2024-17237 · WordPress · HT Easy GA4 – Google Analytics WordPress Plugin
Name of the Vulnerable Software and Affected Versions: HT Easy GA4 – Google Analytics WordPress Plugin versions prior to 1.1.6
Description: The issue allows unauthorized modification of data due to a missing capability check on the login function. This makes it possible for unauthenticated...
GHSA-QRCJ-6FJW-3H9H Moodle XSS Vulnerability
A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability such as administrators/managers can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped whe...
Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier)
Hello, OpenSSH derived with FreeBSD 4.4 and earlier doesn't drop privileges before messing with login class capability database. The most problematic is:
    if (newcommand == NULL && !quiet_login && !options.use_login) {
        fname = login_getcapstr(lc, "copyright", NULL, NULL);
        if (fname != NULL && (f = fopen(fname...