3 matches found
CVE-2024-24780
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...
PT-2023-16211 · WordPress · Location Weather
Name of the Vulnerable Software and Affected Versions: Location Weather WordPress plugin versions prior to 1.3.4 Description: The issue concerns the Location Weather WordPress plugin, which does not properly validate and escape certain block options before outputting them in a page or post. This...
PT-2021-16193 · WordPress · The Weather Effect
Name of the Vulnerable Software and Affected Versions: The Weather Effect WordPress plugin versions prior to 1.3.4 Description: The issue is related to the lack of CSRF checks and input validation when saving settings, which could lead to a Stored Cross-Site Scripting issue. This means that an...