CVE-2021-41280

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

CVE-2024-13866 Simple Notification <= 1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Simple Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary...

WordPress plugin Simple Notification 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Simple Notification plugin <= 1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Pham Van Tam in WordPress Plugin Simple Notification versions = 1.3...

CVE-2024-54242

Missing Authorization vulnerability in appsbd Simple Notification simple-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through = 1.3...

CVE-2024-54242 WordPress Simple Notification plugin <= 1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in appsbd Simple Notification simple-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through = 1.3...

CVE-2024-54242

CVE-2024-54242 describes a Missing Authorization (Broken Access Control) vulnerability in WordPress Simple Notification plugin versions up to 1.3. The issue arises from incorrectly configured access control, enabling unauthorized actions as described in multiple sources. The CVE affects Simple No...

WordPress plugin Simple Notification 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-36121 · Unknown · Simple Notification

Name of the Vulnerable Software and Affected Versions: Simple Notification versions 1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For Simple...

WordPress Simple Notification plugin <= 1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Simple Notification versions = 1.3...

PT-2019-11353 · Jenkins · Jenkins Amazon Sns Build Notifier Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Amazon SNS Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specificall...