16 matches found
EUVD-2024-36499
Malicious code in bioql PyPI...
EUVD-2024-29033
Malicious code in bioql PyPI...
CVE-2024-37209
Access Control vulnerability in Prism IT Systems User Rights Access Manager allows . This issue affects User Rights Access Manager: from n/a through 1.1.2...
CVE-2024-31122
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS. This issue affects User Rights Access Manager: from n/a through 1.1.2...
CVE-2020-0684
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'...
CVE-2024-37209 WordPress User Rights Access Manager plugin <= 1.1.2 - Broken Access Control vulnerability
Access Control vulnerability in Prism IT Systems User Rights Access Manager allows . This issue affects User Rights Access Manager: from n/a through 1.1.2...
CVE-2024-37209
CVE-2024-37209 affects the WordPress plugin User Rights Access Manager (
WordPress plugin User Rights Access Manager security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress User Rights Access Manager Plugin <= 1.1.2 is vulnerable to Broken Access Control
Software: User Rights Access Manager; Type: Plugin; Vulnerable versions: = 1.1.2; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-37209; Patch priority: Medium; CVSS severity: Medium 6.5; Developer: Claim ownership; PSID: 1f100e30e3b8; Credits: Majed Refaea...
CVE-2024-31122 WordPress User Rights Access Manager plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS. This issue affects User Rights Access Manager: from n/a through 1.1.2...
CVE-2024-31122
CVE-2024-31122 is a Reflected XSS in the WordPress plugin User Rights Access Manager. The vulnerability arises from improper neutralization of input during web page generation, leading to cross-site scripting in the affected page. The description states that the issue affects User Rights Access ...
WordPress User Rights Access Manager Plugin <= 1.1.4 is vulnerable to Cross Site Scripting (XSS)
Software: User Rights Access Manager; Type: Plugin; Vulnerable versions: = 1.1.4; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting XSS; CVE: CVE-2024-31122; Patch priority: Medium; CVSS severity: Medium 5.8; Developer: Claim ownership; PSID: 0673dec6d13c; Credits: Yudistira Arya; Required...
User Rights Access Manager <= 1.0.5 - Access Restriction Bypass
The plugin does not properly restrict access to pages, allowing admin users whose access the plugin has restricted to still access the related pages. The issue is the same technique as https://blog.nintechnet.com/vulnerabilities-fixed-in-wordpress-controlled-admin-access-plugin/ PoC The PoC...