WordPress plugin Advanced Custom Fields 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s developers, used for building websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained security vulnerabilities. These vulnerabilities stemmed from information leaks in the cron controller, which could allow...

ChurchCRM 安全漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.1.0 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses in the API middleware, allowing unverified attackers to access all protected API endpoints...

WordPress plugin Link Whisper Free 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this vulnerability allows unverified attackers to manipulate database queries...

WordPress plugin SureForms 输入验证错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

BS Producten Petcam 安全漏洞

BS Producten Petcam is a smart camera device from the Dutch company BS Producten, designed for remote monitoring of pet conditions and video viewing. Version 33.1.0.0818 of BS Producten Petcam has a security vulnerability. This vulnerability stems from improper access control, which may allow...

Hotel-Booking-Script uHotelBooking SQL注入漏洞

Hotel-Booking-Script uHotelBooking is a hotel room reservation management system developed by Hotel-Booking-Script Inc. Hotel-Booking-Script uHotelBooking has a SQL injection vulnerability. This vulnerability stems from the SQL injection present in the systempage parameter, which may allow...

Epross AVCON6 安全漏洞

Epross AVCON6 is a monitoring video management server developed by Epross Corporation. Epross AVCON6 has a security vulnerability, which stems from OGNL injection. This vulnerability could allow unverified attackers to execute arbitrary commands...

Web Wiz Forums SQL注入漏洞

Web Wiz Forums is a community forum system developed by the British company Web Wiz. Version 12.01 of Web Wiz Forums contains a SQL injection vulnerability. This vulnerability stems from SQL injection in the PF parameters, which could allow unverified attackers to manipulate database queries...

WordPress plugin Aruba HiSpeed Cache 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin WPZOOM Addons for Elementor – Starter Templates & Widgets 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

WordPress plugin All-in-One Video Gallery has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

Oracle E-Business Suite security vulnerabilities

Oracle E-Business Suite is a comprehensive and integrated global business management software developed by Oracle, a company based in the United States. This software offers features such as customer relationship management, service management, and financial management. Vulnerabilities exist in t...

Oracle Database Server security vulnerabilities

Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. There were security vulnerabilities in the SQLcl version of Oracle Database...

Oracle E-Business Suite security vulnerabilities

Oracle E-Business Suite is a comprehensive and integrated global business management software developed by Oracle, a company based in the United States. This software offers features such as customer relationship management, service management, and financial management. There are security...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...

CVE-2024-4319

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vszcf7exporttoexcel' function in versions up to, and including, 2.0.2. This makes it possible for unauthenticated attackers to download the entry data for...

CVE-2024-13697

CVE-2024-13697 documents an unauthenticated SSRF in Better Messages for WordPress (plugin versions up to 2.7.4) via the nice_links feature. Exploitation requires Enable link previews (default). The connected docs indicate a patch is available and advise upgrading to a fixed version; no further ex...