EUVD-2024-29009

Malicious code in bioql PyPI...

CVE-2024-8292

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. This is due to to plugin not properly verifying a user's identity during new order creation. This makes it possible for...

CVE-2024-8292

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. This is due to to plugin not properly verifying a user's identity during new order creation. This makes it possible for...

CVE-2024-8292

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. This is due to to plugin not properly verifying a user's identity during new order creation. This makes it possible for...

CVE-2024-8292

CVE-2024-8292 affects WP-Recall – Registration, Profile, Commerce & More for WordPress (versions

PT-2024-38920 · WordPress · Wp-Recall

Name of the Vulnerable Software and Affected Versions: WP-Recall – Registration, Profile, Commerce & More plugin for WordPress versions up to, and including, 16.26.8 Description: The WP-Recall plugin for WordPress is vulnerable to privilege escalation/account takeover due to improper verification...

CVE-2024-31098

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2...

CVE-2024-31098

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2...

CVE-2024-31098 WordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2...

CVE-2024-31098

CVE-2024-31098 corresponds to a Missing Authorization vulnerability in the WordPress plugin Mr.Ebabi New Order Notification for WooCommerce. The vulnerability affects New Order Notification for WooCommerce versions n/a through 2.0.2. Public metrics list the CVSS vectors as HIGH impact with surrou...

WordPress plugin New Order Notification for Woocommerce security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-23766 · WordPress · Mr.Ebabi New Order Notification For Woocommerce

Name of the Vulnerable Software and Affected Versions: Mr.Ebabi New Order Notification for Woocommerce versions n/a through 2.0.2 Description: The issue is related to a Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce. This vulnerability affects the plugin's...

PT-2024-40414 · Adobe · Magento Open Source +1

Name of the Vulnerable Software and Affected Versions: Magento Commerce versions 1.9.0.0 through 1.14.3.9 Magento Open Source versions 1.5.0.0 through 1.9.3.9 Description: The issue concerns various security vulnerabilities, including authenticated Admin user remote code execution RCE, cross-site...

WordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin New Order Notification for Woocommerce versions = 2.0.2...

WordPress New Order Notification for Woocommerce Plugin <= 2.0.2 is vulnerable to Broken Access Control

Software New Order Notification for Woocommerce Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31098 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f43459ca9b98 Credits...

WordPress New Order Notification Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software New Order Notification Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f85602c77d34 Credits Rafie Muhammad Patchstack...

Stored XSS in the module named "Dashboard"

Description I tested the demo site you provided. I see that there is an XSS vulnerability. I hope you can check and provide a fix as soon as possible. Proof of Concept link video PoC https://drive.google.com/file/d/19lzyLY20fn0WdgRxsIrIRSfkrq36j7s5/view?usp=sharing Steps 1.Login as administrator...

Threat Outbreak Alert RuleID32049: Email Messages Distributing Malicious Software on February 15, 2018

Medium Alert ID: 56848 First Published: 2018 February 15 21:28 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32049 may contain the following files: Name |...

Threat Outbreak Alert RuleID31832: Email Messages Distributing Malicious Software on January 26, 2018

Medium Alert ID: 56593 First Published: 2018 January 26 21:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31832 may contain the following files: Name |...

Threat Outbreak Alert RuleID31383: Email Messages Distributing Malicious Software on November 22, 2017

Medium Alert ID: 56018 First Published: 2017 November 22 14:58 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31383 may contain the following files: Name |...