79 matches found
WordPress plugin Crypto 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-39985
Name of the Vulnerable Software and Affected Versions Crypto plugin for WordPress versions up to, and including, 2.15 Description The issue is related to authentication bypass due to missing validation on the user being supplied in the crypto connect ajax process::register function. This allows...
kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()
A security vulnerability was identified in the Linux kernel's Kernel-based Virtual Machine subsystem KVM, specifically affecting the Secure Virtual Machine SVM feature used on AMD processors. The issue arises from a use-after-free condition in the svmregisterencregion function, which can lead to...
PT-2024-37378 · WordPress · Learnpress
Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.6.8.1 Description: The issue allows unauthorized user registration due to a missing capability check on the register function. This enables unauthenticated attackers to bypa...
DEBIAN-CVE-2024-36479
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak when the driverregister function fails...
CVE-2023-6652
A vulnerability was found in code-projects Matrimonial Site 1.0. It has been declared as critical. Affected by this vulnerability is the function register of the file /register.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...
Sql injection
A vulnerability was found in code-projects Matrimonial Site 1.0. It has been declared as critical. Affected by this vulnerability is the function register of the file /register.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...
WP Cleanfix < 5.7.0 - Subscriber+ Post/Comment/Post Meta Content Replacement
Description The plugin is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the register function, allowing authenticated attackers, with subscriber-level access and above, to find and replace post, comment, and postmeta content as well as...
WP EXtra < 6.3 - Missing Authorization to Export Settings
Description The WP EXtra plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the register function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to export plugin...
CVE-2023-46793
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-30220 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the day parameter in the register function of the functions.php resource does not validate the...
PT-2023-30224 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the name parameter in the register function of the functions.php file is vulnerable. Recommendations: For Onli...
PT-2023-30225 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the pass parameter in the register function of the functions.php file is vulnerable. Recommendations: For Onli...
PT-2023-30221 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the email parameter in the register function of the functions.php file is vulnerable. Recommendations: For...
CVE-2023-5311
CVE-2023-5311 concerns the WP EXtra WordPress plugin. A missing capability check in the register() function in versions up to 6.2 allows authenticated users with subscriber-level permissions or higher to modify .htaccess in site root, /wp-content, or /wp-includes and can lead to remote code execu...
WordPress Plugin WP Extra Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2023-5373
A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
PT-2023-32074 · Sourcecodester · Sourcecodester Online Computer/Laptop Store
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Computer and Laptop Store version 1.0 Description: A critical vulnerability has been found in the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to...
PT-2023-32034 · Wp Extra · Wp Extra
Name of the Vulnerable Software and Affected Versions: WP EXtra versions up to, and including, 6.2 Description: The issue allows unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register function. This enables authenticated...