108 matches found
CVE-2024-37476 WordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1...
CVE-2024-37476 WordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1...
PT-2024-27585 · Automattic · Newspack Campaigns
Name of the Vulnerable Software and Affected Versions: Newspack Campaigns versions 2.31.1 and earlier Description: The issue is a Cross Site Scripting XSS vulnerability, specifically a Stored XSS, in Automattic Newspack Campaigns. This allows for malicious scripts to be stored on the server and...
WordPress plugin Newspack Campaigns security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WordPress plugin Newspack Ads security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-27583 · Automattic · Newspack Ads
Name of the Vulnerable Software and Affected Versions: Newspack Ads versions 1.47.1 and earlier Description: A Cross Site Scripting XSS issue, specifically a Stored XSS vulnerability, has been identified in Automattic Newspack Ads. This allows for malicious scripts to be stored on the server and...
WordPress Newspack Content Converter plugin <= 0.1.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Content Converter versions = 0.1.5...
WordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Campaigns versions = 2.31.1...
WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Newsletters versions = 2.13.2...
WordPress Newspack Ads plugin <= 1.47.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Ads versions = 1.47.1...
WordPress Newspack Newsletters Plugin <= 2.13.2 is vulnerable to Broken Access Control
Software Newspack Newsletters Type Plugin Vulnerable versions = 2.13.2 Fixed in 2.13.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37475 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID eaec81ca6f12 Credits Rafie Muhammad...
WordPress Newspack Campaigns Plugin <= 2.31.1 is vulnerable to Cross Site Scripting (XSS)
Software Newspack Campaigns Type Plugin Vulnerable versions = 2.31.1 Fixed in 2.31.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37476 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0b7e9fddfca4 Credits Rafie Muhammad Patchstack Require...
WordPress Newspack Content Converter Plugin <= 0.1.5 is vulnerable to Broken Access Control
Software Newspack Content Converter Type Plugin Vulnerable versions = 0.1.5 Fixed in 1.0.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37477 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9023ad743104 Credits Rafie Muhammad...
WordPress Newspack Ads Plugin <= 1.47.1 is vulnerable to Cross Site Scripting (XSS)
Software Newspack Ads Type Plugin Vulnerable versions = 1.47.1 Fixed in 1.47.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37474 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8d60e34d1ee Credits Rafie Muhammad Patchstack Required...
WordPress Newspack Blocks plugin <= 3.0.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Blocks versions = 3.0.8...
WordPress Newspack Blocks plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Blocks versions = 3.0.8...
WordPress Newspack Blocks plugin <= 3.0.8 - Contributor+ Arbitrary Directory Deletion vulnerability
Contributor+ Arbitrary Directory Deletion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Blocks versions = 3.0.8...
WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Arbitrary File Upload
Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-37424 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID dd4273e7b78e Credits Rafie Muhammad Patchstack Required...
WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Broken Access Control
Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37425 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bdb588fe4e59 Credits Rafie Muhammad Patchstack...
WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Arbitrary File Deletion
Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-37423 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID a16694974ae5 Credits Rafie Muhammad...