12 matches found
PT-2026-6246
Name of the Vulnerable Software and Affected Versions WP Bannerize Pro versions through 1.11.0 Description The software contains a missing authorization issue due to incorrectly configured access control security levels. This allows for potential exploitation. Recommendations Update WP Bannerize...
PT-2025-39461
Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.8.2 Description A flaw exists in JeecgBoot that allows for improper authorization. This is due to the manipulation of the ids argument within an unknown function of the /sys/tenant/deleteBatch file. The attack can be...
PT-2025-14092 · WordPress · Wp Realestate
Name of the Vulnerable Software and Affected Versions: WP RealEstate plugin versions up to, and including, 1.6.26 Description: The issue is related to insufficient role restrictions in the process register function, allowing unauthenticated attackers to register an account with the Administrator...
PT-2025-2170 · WordPress · Webcamconsult
Name of the Vulnerable Software and Affected Versions: Webcamconsult plugin for WordPress versions up to, and including, 1.5.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This allows unauthenticated attackers to updat...
PT-2024-39590 · Yotpo · Yotpo: Product & Photo Reviews For Woocommerce
Name of the Vulnerable Software and Affected Versions: Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPress versions up to, and including, 1.7.8 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allo...
PT-2024-19077 · Unknown · Openharmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a local attacker to cause a sensitive information leak through insecure storage. A local attacker can exploit this to gain access to sensitive information. Recommendations: For...
PT-2024-15192 · WordPress · Wpforms Pro
Name of the Vulnerable Software and Affected Versions: WPForms Pro versions up to, and including, 1.8.5.3 Description: The WPForms Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form submission parameters due to insufficient input sanitization and output escaping. This...
PT-2023-15935 · WordPress · Adsanity
Name of the Vulnerable Software and Affected Versions: AdSanity plugin for WordPress versions up to, and including, 1.8.1 Description: The issue is related to missing file type validation in the ajax upload function, allowing authenticated attackers with Contributor+ level privileges to upload...
PT-2022-3000 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...
PT-2019-16503 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.16 and prior Description: The issue allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks can result in the unauthorized ability to cause a hang o...
PT-2018-16625 · Adobe +2 · Flash Player +2
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 28.0.0.161 and earlier Description: The issue is a type confusion vulnerability that could lead to arbitrary code execution in the context of the current user. It allows attackers to execute code remotely...
Golabi CMS RFI Vulnerability (Mar 2009) - Active Check
Golabi CMS is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...