PT-2025-34174 · Ubiquiti · Unifi Connect Display Cast

Name of the Vulnerable Software and Affected Versions: UniFi Connect Display Cast versions prior to 1.10.7 UniFi Connect Display Cast Pro versions prior to 1.0.94 UniFi Connect Display Cast Lite versions prior to 1.1.8 Description: An improper access control issue could allow a malicious actor...

CVE-2024-1360

The Colibri WP theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.94. This is due to missing or incorrect nonce validation on the colibriwpinstallplugin function. This makes it possible for unauthenticated attackers to install recommended...

WordPress plugin The User Verification 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2017-2224

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

JVN#73550134: WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting

The WordPress plugin "Event Calendar WD" provided by Web-Dorado contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the developer...