779 matches found
CVE-2022-41650
Missing Authorization vulnerability in Paul Custom Content by Country by Shield Security custom-content-by-country. This issue affects Custom Content by Country by Shield Security: from n/a through 3.1.2...
CVE-2022-41650 WordPress Custom Content by Country plugin <= 3.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Paul Custom Content by Country by Shield Security custom-content-by-country. This issue affects Custom Content by Country by Shield Security: from n/a through 3.1.2...
CVE-2022-41650
CVE-2022-41650 concerns the WordPress plugin “Custom Content by Country” (by Shield Security) with versions through 3.1.2. The Red Hat/NVD/CVE listings, and PT Security enrichment, describe a Missing Authorization vulnerability (Broken Access Control) enabling unauthorized access. The core issue ...
PT-2026-20208
Name of the Vulnerable Software and Affected Versions: Custom Content by Country by Shield Security versions through 3.1.2. Description: A missing authorization issue exists in Custom Content by Country by Shield Security. The issue allows unauthorized access. Recommendations: Update Custom Content b...
WordPress plugin Custom Content by Country (by Shield Security) security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Iolo System_Shield
VulnDrivers-n-LOLDrivers-POCs List of POCs I have done for som...
The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
Every conversation I have with information security leaders tends to land in the same place. People understand what matters. They know the frameworks, the controls, and the guidance. They can explain why identity security, patching, and access control are critical. And yet incidents keep happenin...
CVE-2025-15370
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
CVE-2025-15370 Shield Security <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
CVE-2025-15370
CVE-2025-15370 affects Shield: Blocks Bots, Protects Users, and Prevents Security Breaches (WordPress Shield Security plugin) up to version 21.0.9. The issue is an Insecure Direct Object Reference via MfaGoogleAuthToggle that allows authenticated attackers with Subscriber-level access and above t...
PT-2026-3215
The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This makes it possible...
WordPress Plugin Shield: Blocks Bots, Protects Users, and Prevents Security Breaches
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Shield Security plugin <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator vulnerability
Authenticated Subscriber+ Insecure Direct Object Reference to Disable Google Authenticator vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Shield Security versions <= 21.0.9...
CVE-2022-0211
The Shield Security WordPress plugin before 13.0.6 does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed...
EUVD-2025-200256
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...
CVE-2025-59705
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...