CVE-2024-54241

Missing Authorization vulnerability in Appsbd Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification:...

CVE-2024-54241

CVE-2024-54241 concerns a Missing Authorization vulnerability in the WordPress plugin Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification. Affected versions are listed as 1.5 through n/a; description specifies an incorrectly configured access control. Exploitation stat...

CVE-2024-54242

CVE-2024-54242 describes a Missing Authorization (Broken Access Control) vulnerability in WordPress Simple Notification plugin versions up to 1.3. The issue arises from incorrectly configured access control, enabling unauthorized actions as described in multiple sources. The CVE affects Simple No...

CVE-2024-54241 WordPress Elite Notification plugin 1.5 - Cross Site Scripting (XSS) vulnerability

Missing Authorization vulnerability in Appsbd Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification:...

CVE-2024-54242 WordPress Simple Notification plugin <= 1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in appsbd Simple Notification simple-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through = 1.3...

WordPress plugin Elite Notification 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the...

PT-2024-36120 · Unknown · Elite Notification – Sales Popup

Name of the Vulnerable Software and Affected Versions: Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification versions 1.5 through n/a Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation due to incorrectly configured acces...

PT-2024-36121 · Unknown · Simple Notification

Name of the Vulnerable Software and Affected Versions: Simple Notification versions 1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For Simple...

WordPress plugin Simple Notification 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-54485

The issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An attacker with physical access to an iOS device may be able to view notification content from the lock screen...

UBUNTU-CVE-2024-47761

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an administrator with access to the sent notifications contents can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue...

GHSA-VJMW-J32J-PH4F

creationtimestamp| type| source ---|---|--- 2024-12-11 17:10:00+00:00| seen| https://infosec.exchange/users/cve/statuses/113635295264729068...

CVE-2024-47761 GLPI vulnerable to account takeover via the password reset feature

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an administrator with access to the sent notifications contents can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue...

PT-2024-36352 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.3 iOS versions prior to 18.2 iPadOS versions prior to 18.2 Description: The issue allows an attacker with physical access to an iOS device to view notification content from the lock screen. This is possible due t...

[SECURITY] Fedora 40 Update: zabbix-6.0.36-1.fc40

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

WordPress Simple Notification plugin <= 1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Simple Notification versions = 1.3...

WordPress Elite Notification plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Elite Notification versions = 1.5...

GHSA-JCXM-7WVP-G6P5 Modified package published to npm, containing malware that exfiltrates private key material

Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from...

CVE-2024-43077

creationtimestamp| type| source ---|---|--- 2024-12-04 06:05:42+00:00| seen| https://t.me/itsecnews/4888 2025-01-03 00:19:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113761554223801442 2025-01-03 01:15:32+00:00| seen|...

CVE-2024-11479 Authenticated HTML Injection in Issuetrak Ticket Comment Function

A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket...