Checkmk Security Vulnerabilities
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk that stems from the presence of cross-site request forgery, which could lead to a one-click site compromise...
WordPress One Click Order Re-Order plugin <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin One Click Order Re-Order versions <= 1.1.9...
WordPress plugin One Click Order Re-Order Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...
WordPress One Click Order Re-Order Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software: One Click Order Re-Order; Type: Plugin; Vulnerable versions: <= 1.1.9; Fixed in: 1.1.10; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5641; Patch priority: Medium; CVSS severity: Medium (6.5); PSID: a046b0fddb6b; Credits: Lucio Sá...
CVE-2024-32715
A vulnerability in olivethemes Olive One Click Demo Import olive-one-click-demo-import. This issue affects Olive One Click Demo Import: from n/a through <= 1.1.1...
CVE-2024-32715
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import. This issue affects Olive One Click Demo Import: from n/a through 1.1.1...
PT-2024-24803 · Olive Themes · Olive One Click Demo Import
Name of the Vulnerable Software and Affected Versions: Olive One Click Demo Import versions 1.1.1 and earlier. Description: The issue is related to a Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import. Recommendations: For Olive One Click Demo Import versions 1.1.1 and...
CVE-2023-6876
The Clever Fox – One Click Website Importer by Nayra Themes plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'clever-fox-activate-theme' function in all versions up to, and including, 25.2.0. This makes it possible for authenticated...
CVE-2023-6876
CVE-2023-6876 (Clever Fox – One Click Website Importer) is an authenticated-actor vulnerability in the Clever Fox WordPress plugin where a missing capability check on clever-fox-activate-theme allows users with subscriber+ privileges to modify the active theme (incl. to an invalid value) in versi...
CVE-2024-34433
Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import. This issue affects One Click Demo Import: from n/a through 3.2.0...
WordPress plugin One Click Demo Import Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in WordPre...
PT-2024-25887 · Unknown · One Click Demo Import
Name of the Vulnerable Software and Affected Versions: One Click Demo Import versions 3.2.0 and earlier. Description: The issue is related to the Deserialization of Untrusted Data, which affects the functionality of the software. Recommendations: For versions 3.2.0 and earlier, update to a version...
WordPress One Click Demo Import plugin <=3.2.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by ngductung (Patchstack Alliance) in WordPress Plugin One Click Demo Import versions <= 3.2.0...
WordPress Olive One Click Demo Import plugin <= 1.1.1 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by Yudistira Arya (Patchstack Alliance) in WordPress Plugin Olive One Click Demo Import versions <= 1.1.1...
WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Download
Software: Olive One Click Demo Import; Type: Plugin; Vulnerable versions: <= 1.1.1; Fixed in: 1.1.2; OWASP Top 10: A4: Insecure Design; Classification: Arbitrary File Download; CVE: CVE-2024-32715; Patch priority: High; CVSS severity: High (7.5); PSID: a4c06fc8a3c4; Credits: Yudistira Arya...
WordPress WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score plugin <= 7.0 - Sensitive Information Exposure via insufficiently protected files vulnerability
Sensitive Information Exposure via insufficiently protected files vulnerability discovered by Krzysztof Zając in WordPress Plugin WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content versions <= 7.0...
PT-2024-22795 · Gotortc · Gotortc
Name of the Vulnerable Software and Affected Versions: gotortc versions 1.8.5 and prior. Description: The issue is related to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being append...
Olive One Click Demo Import < 1.1.2 - Missing Authorization
Description: The Olive One Click Demo Import plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient capability checking on several REST routes in versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to perform unauthorize...