6505 matches found
CVE-2024-4663
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-4663
The CVE-2024-4663 entry covers the OSM Map Widget for Elementor WordPress plugin. It affects all versions up to 1.2.2, with a Reflected Cross-Site Scripting vulnerability in the id parameter caused by insufficient input sanitization and output escaping. The issue can allow unauthenticated attacke...
kernel: hwmon: (coretemp) Fix out-of-bounds memory access
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Fix out-of-bounds memory access Fix a bug that pdata-cpumap is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package...
WordPress plugin OSM Map Widget for Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...
DEBIAN-CVE-2024-36974
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...
WordPress OSM Map Widget for Elementor plugin < 1.3.0 - Authenticated Stored Cross-Site Scripting via id Parameter vulnerability
Authenticated Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin OSM Map Widget for Elementor versions 1.3.0...
WordPress OSM Map Widget for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software OSM Map Widget for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4663 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4fcc595d31d1 Credits stealthcopter...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not validating TCATAPRIOATTRPRIOMAP...
CVE-2023-44234
Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through 1.7.08...
CVE-2023-44234
Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through 1.7.08...
WordPress plugin WP GPX Map security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-13181 · WordPress · Wp Gpx Map
Name of the Vulnerable Software and Affected Versions: WP GPX Map versions 1.7.08 and earlier Description: A Missing Authorization issue has been identified. This issue affects the WP GPX Map plugin. Recommendations: For WP GPX Map versions 1.7.08 and earlier, update to a version that contains a...
CVE-2024-32779 WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...
CVE-2024-32779 WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...
kernel: hwmon: (coretemp) Fix out-of-bounds memory access
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Fix out-of-bounds memory access Fix a bug that pdata-cpumap is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package...
kernel: hwmon: (coretemp) Fix out-of-bounds memory access
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Fix out-of-bounds memory access Fix a bug that pdata-cpumap is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package...
kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhcimapurbfordma The Linux kernel CVE team has assigned CVE-2024-26964 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T...
SUSE CVE-2020-25017
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy's setCopy header map API does not replace all existing occurences of a non-inline header...