GHSA-VP64-77C6-33H8 Liferay Portal has External Control of System or Configuration Settings

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

External Control of System or Configuration Setting

Overview Affected versions of this package are vulnerable to External Control of System or Configuration Setting in the staging of live sites. An attacker can exfiltrate sensitive data to an external server by supplying malicious values for the remoteAddress and remotePort parameters. Note: This ...

CVE-2024-49684

Deserialization of Untrusted Data vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

WordPress Plugin Backup Migration Staging Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...