CVE-2024-2702

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

EUVD-2023-32705

Malicious code in bioql PyPI...

EUVD-2024-37597

Malicious code in bioql PyPI...

CVE-2024-38749

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2...

WordPress plugin Olive One Click Demo Import 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure vulnerabilit...

PT-2024-28193 · Unknown · Olive One Click Demo Import

Name of the Vulnerable Software and Affected Versions: Olive One Click Demo Import versions 1.1.2 and earlier Description: The issue allows exposure of sensitive information to an unauthorized actor due to accessing functionality not properly constrained by ACLs. Recommendations: For Olive One...

WordPress Olive One Click Demo Import Plugin <= 1.1.2 is vulnerable to Sensitive Data Exposure

Software Olive One Click Demo Import Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-38749 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3944618737f2 Credits Peng Zhou Require...

CVE-2024-32715

A vulnerability in olivethemes Olive One Click Demo Import olive-one-click-demo-import.This issue affects Olive One Click Demo Import: from n/a through = 1.1.1...

CVE-2024-32715

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

WordPress Olive One Click Demo Import plugin <= 1.1.1 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Olive One Click Demo Import versions = 1.1.1...

WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Download

Software Olive One Click Demo Import Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A4: Insecure Design Classification Arbitrary File Download CVE CVE-2024-32715 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID a4c06fc8a3c4 Credits Yudistira Arya...

Olive One Click Demo Import < 1.1.2 - Missing Authorization

Description The Olive One Click Demo Import plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability checking on several rest routes in versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to perform unauthorize...

CVE-2024-2702

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

CVE-2024-2702 WordPress Olive One Click Demo Import plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

CVE-2024-2702 WordPress Olive One Click Demo Import plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

CVE-2024-2702

CVE-2024-2702 covers Olive One Click Demo Import (Olive Themes) with Missing Authorization that enables importing settings/data and leads to XSS on versions up to 1.1.1. Public sources confirm a patch in 1.1.2. Remediation: upgrade to Olive One Click Demo Import 1.1.2 or apply vendor-provided fix...

WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Broken Access Control

Software Olive One Click Demo Import Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2702 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 277d1e4e3b86 Credits Yudistira Arya...

CVE-2023-29102

Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

WordPress Plugin Olive One Click Demo Import Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

WordPress Olive One Click Demo Import Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload

Software Olive One Click Demo Import Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-29102 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID c225fdbdb389 Credits deokhunKim Required privilege...