CVE-2023-23675

CVE-2023-23675 relates to a stored XSS vulnerability in the WordPress plugin WP Smart Preloader (Catchsquare) for versions

CVE-2023-23675 WordPress WP Smart Preloader Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Catchsquare WP Smart Preloader plugin = 1.15 versions...

WordPress plugin WP Smart Preloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WP Smart Preloader < 1.15.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress WP Smart Preloader Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Software WP Smart Preloader Type Plugin Vulnerable versions = 1.15 Fixed in 1.15.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23675 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 25728fd02383 Credits Rio Darmawan Require...

CVE-2022-26468

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-26468

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-26468

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

Out-of-bounds

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-26468

CVE-2022-26468: Out-of-bounds write in the preloader (usb) on MediaTek devices due to a missing bounds check. This can lead to local privilege escalation with physical access and requires user interaction for exploitation. Patch ID ALPS07168125/Issue ALPS07168125 appears in the record; no specifi...

PT-2022-17880 · Preloader · Preloader

Name of the Vulnerable Software and Affected Versions: preloader usb affected versions not specified Description: The issue is related to a missing bounds check in the preloader usb, which could lead to a possible out of bounds write. This might result in local escalation of privilege for an...

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chip preloader module, which stems from a lack of bounds checking for out-of-range writes. This could lead to a local privilege escalation for an attacker who has physical acces...

com.amazon.aes.webservices.client:ec2-java-client (=20080327), com.cybersource:cybersource-sdk-java (>=6.2.0 <=6.2.1) +83 more potentially affected by CVE-2015-0227 via wss4j:wss4j (>=1.5.0 <=1.5.1)

wss4j:wss4j MAVEN version =1.5.0, =6.2.0, =1.0.12, =9.00.2110.07.220316, =0.0.9, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.3.0 - com.github.rapidark:rapid-ark-pretty =0.3.0 - com.github.rapidark:rapid-ark-pretty-demo =0.3.0 - com.github.rapidark:rapid-ark-pretty-demo-keeper =0.3.0 -...

CVE-2022-20073

In preloader usb, there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20073

In preloader usb, there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20073

In preloader usb, there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20074

In preloader partition, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patc...

CVE-2022-20074

In preloader partition, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patc...

CVE-2022-20074

In preloader partition, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patc...

CVE-2022-20069

In preloader usb, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...