20 matches found
WordPress Elementor Addon Elements plugin <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Dual Button Widget vulnerability discovered by RandomRoot in WordPress Plugin Elementor Addon Elements versions = 1.12.12...
CVE-2024-6104 affecting package cert-manager for versions less than 1.12.12-3
CVE-2024-6104 affecting package cert-manager for versions less than 1.12.12-3. An upgraded version of the package is available that resolves this issue...
CVE-2024-1391
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eaecustomoverlayswitcher’ attribute of the Thumbnail Slider widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2024-1393
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2024-18004 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the button1 icon attribute of the Dual Button widget due to insufficient input...
PT-2024-18005 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the icon align attribute of the Content Switcher widget due to insufficient input...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2024-18032 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the modal popup widget's effect setting due to insufficient input sanitization and outpu...
PT-2024-18003 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the eae custom overlay switcher attribute of the Thumbnail Slider widget. This is due to...
WordPress Elementor Addon Elements Plugin <= 1.12.11 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.11 Fixed in 1.12.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0834 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 65cab16f462f Credits Webbernaut Required...
openSUSE Security Update : go1.12 (openSUSE-2019-2521)
This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-16276: Fixed the handling of invalid HTTP headers, which had allowed request smuggling bsc1152082. - CVE-2019-17596: Fixed a panic in dsa.Verify caused by invalid public keys bsc1154402. Non-security issue fixe...
openSUSE Security Update : go1.12 (openSUSE-2019-2522)
This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-16276: Fixed the handling of invalid HTTP headers, which had allowed request smuggling bsc1152082. - CVE-2019-17596: Fixed a panic in dsa.Verify caused by invalid public keys bsc1154402. Non-security issue fixe...
GHSA-G7J3-P357-CW8P Directory Traversal in f2e-server
Affected versions of f2e-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...
Directory Traversal in f2e-server
Affected versions of f2e-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...
Directory Traversal
Overview Affected versions of f2e-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...
Wireshark WBXML Dissector Denial of Service Vulnerability (Aug 2016) - Windows
Wireshark is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...
Wireshark Multiple Denial of Service Vulnerabilities-04 (Aug 2016) - Windows
Wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2005-2693
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack...
CVS < 1.12.12 Unspecified Remote Overflow
Binary data 2838.prm...