302 matches found
PT-2025-14399 · Unknown · Secure Copy Content Protection/Content Locking
Name of the Vulnerable Software and Affected Versions: Ays Pro Secure Copy Content Protection and Content Locking versions n/a through 4.4.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored...
WordPress plugin Secure Copy Content Protection and Content Locking 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
CVE-2025-1404 Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayssccpreportsusersearch function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to...
CVE-2025-1404 Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayssccpreportsusersearch function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to...
SUSE CVE-2023-34049
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...
CVE-2024-47306
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscribe-to-view allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking:...
CVE-2024-20449
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
Aginode GigaSwitch 安全漏洞
Aginode GigaSwitch is a LANactive support portal from Aginode. A security vulnerability exists in Aginode GigaSwitch version v5 that stems from the use of SCP commands to access sensitive information...
PT-2024-28393 · Aginode · Aginode Gigaswitch V5
Name of the Vulnerable Software and Affected Versions: Aginode GigaSwitch V5 versions prior to 7.06G Description: The issue allows authenticated attackers with Administrator privileges to upload an earlier firmware version, exposing the device to previously patched vulnerabilities. This can be do...
CVE-2024-47306 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscribe-to-view allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking:...
CVE-2024-47306 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 4.2....
CVE-2024-20449
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
PT-2024-8633 · Cisco · Cisco Nexus Dashboard Fabric Controller
Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard Fabric Controller NDFC affected versions not specified Description: The issue is related to improper path validation in the Cisco Nexus Dashboard Fabric Controller NDFC, which could allow an authenticated, remote attacke...
CVE-2024-6888
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
PT-2024-37929 · WordPress · Secure Copy Content Protection/Content Locking
Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking WordPress plugin versions prior to 4.1.7 Description: The issue is related to the Secure Copy Content Protection and Content Locking WordPress plugin, which does not properly sanitise and...
WordPress Secure Copy Content Protection plugin < 4.0.9 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.0.9...
CVE-2024-6138
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-6138 Secure Copy Content Protection < 4.0.9 - Admin+ Stored XSS
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...