PT-2024-29574 · Dompurify +2 · Dompurify +2

Name of the Vulnerable Software and Affected Versions: OpenObserve versions through 0.9.1 Description: The OpenObserve open-source observability platform has a security issue where it does not sanitize user input in the filter selection menu, potentially leading to complete account takeover. The...

WordPress Best Restaurant Menu by Pricelisto plugin <= 1.4.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jayden Caelli - ret2desync Patchstack Alliance in WordPress Plugin Best Restaurant Menu by PriceListo versions = 1.4.1...

WordPress Best Restaurant Menu by PriceListo Plugin <= 1.4.1 is vulnerable to SQL Injection

Software Best Restaurant Menu by PriceListo Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-38793 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID e01346317df5 Credits Jayden Caelli ret2desync...

Setting vDisk Boot Menu as a Default Option

This article describes how to enable the first menu option as the default boot choice without prompting when vDisk boot menu appears. Background A Provisioning Services vDisk boot menu appears when the user is starting a provisioned Virtual Machine, but the user wants the Virtual Machine to start...

BIT-MEDIAWIKI-2024-40599

An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

BIT-MEDIAWIKI-2024-40600

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

Teams 2.1 Start Menu shortcut not working

Teams 2.x Start menu shortcut does not work. It is visible but the icon is missing and clicking it does not launch Teams...

CVE-2024-40600

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

CVE-2024-40605

An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

CVE-2024-37554

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodeAstrology Team UltraAddons Elementor Lite Header & Footer Builder, Menu Builder, Cart Icon, Shortcode.This issue affects UltraAddons Elementor Lite Header & Footer Builder, Menu Builder,...

CVE-2024-40605

An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

CVE-2024-40600

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

PT-2024-28941 · Mediawiki · Mediawiki

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.42.1 and earlier Description: An issue was discovered in the Foreground skin for MediaWiki. There is stored XSS via MediaWiki: Sidebar top-level menu entries. Recommendations: For MediaWiki versions 1.42.1 and earlier,...

CVE-2024-40600

Affected software: Metrolook skin for MediaWiki up to version 1.42.1. Vulnerability: stored XSS via MediaWiki:Sidebar top-level menu entries. Impact: can lead to execution of arbitrary script in a victim’s browser; exploitation details are not provided in the documents. Root cause: improper handl...

CVE-2024-4482

CVE-2024-4482 : The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is affected by Stored Cross-Site Scripting via the Countdown widget. Root cause: insufficient input sanitization and output escaping on the user-supplied text_day...

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.

...

WordPress WP Mobile Menu plugin <= 2.8.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WP Mobile Menu versions = 2.8.4.3...

WordPress WP Mobile Menu Plugin <= 2.8.4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Mobile Menu Type Plugin Vulnerable versions = 2.8.4.3 Fixed in 2.8.4.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37274 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 83c4bad72872 Credits Dhabaleshwar Das...

MAL-2024-3043 Malicious code in sq-menu (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in sq-menu (npm)

--- -= Per source details. Do not edit below this line.=-...