531 matches found
WordPress plugin WPML Multilingual CMS premium 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An access control error...
WordPress plugin Multilingual CMS 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Multilingual CMS 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2022-27400 · WordPress · Wpml Multilingual Cms
Name of the Vulnerable Software and Affected Versions: WPML Multilingual CMS premium plugin versions = 4.5.13 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...
GHSA-VQ39-Q549-G786 Concrete CMS vulnerable to Cross-site Scripting via multilingual report
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
Concrete CMS vulnerable to Cross-site Scripting via multilingual report
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
CVE-2022-43967
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
CVE-2022-43967
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
Design/Logic Flaw
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
CVE-2022-43967
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
PortlandLabs Concrete CMS 跨站脚本漏洞
PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. A security vulnerability exists in Concrete CMS concrete5 versions prior to 8.5.10 and versions 9.0.0 through 9.1.2, which stems from unfiltered output and a reflective...
WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability
Broken Access Control vulnerability leading to status change of translation job discovered by Dave Jong Patchstack in the WordPress WPML Multilingual CMS premium plugin versions = 4.5.10. Solution Update the WordPress Multilingual CMS plugin to the latest available version at least 4.5.11...
WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability leading to status change of translation job discovered by Dave Jong Patchstack in WordPress WPML Multilingual CMS premium plugin versions = 4.5.13. Solution Update the WordPress Multilingual CMS plugin to the latest available version at least 4.5.14...
WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by Dave Jong Patchstack in WordPress WPML Multilingual CMS premium plugin versions = 4.5.13 Solution Update the WordPress Multilingual CMS plugin to the latest available version at least 4.5.14...
WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability
Broken Access Control vulnerability leading to plugin settings change selected language for legacy widgets can be changed, and default behavior for media content can be changed discovered by Dave Jong in WordPress WPML Multilingual CMS premium plugin versions = 4.5.10. Solution Update the WordPre...
September 13, 2022, cumulative update for SharePoint Enterprise Server 2013 (KB5002264)
September 13, 2022, cumulative update for SharePoint Enterprise Server 2013 KB5002264 Cumulative update packages for Microsoft SharePoint Enterprise Server 2013 contain hotfixes for the issues that were fixed since the release of SharePoint Enterprise Server 2013. Note: This is build 15.0.5485.10...
CVE-2022-3141
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected...
CVE-2022-3141
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected...
CVE-2022-3141
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected...
Sql injection
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected...