3 matches found
PT-2024-26295 · Lunary Ai · Lunary
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions up to and including 1.2.2 Description: An improper access control issue exists, allowing an admin to update any organization user to the organization owner. This enables the elevated user to delete projects within th...
PT-2024-10887 · WordPress · Wp Editor
Name of the Vulnerable Software and Affected Versions: WP Editor WordPress plugin version 1.2.6 and earlier Description: The issue is related to an authenticated blind SQL injection problem. It occurs because the plugin does not properly sanitise or validate its setting fields, allowing an...
PT-2021-18226 · Unknown · Matrix Media Repo
Name of the Vulnerable Software and Affected Versions: matrix-media-repo versions 1.2.6 and earlier Description: The issue arises from improper handling of malicious images that are small in file size but large in complexity. A malicious user can upload a small image using specific formats that...