Lucene search

10 matches found

OSV
added 2026/05/06 2:45 p.m. · 1 views

BIT-JAVA-MIN-2025-27113

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c...

CVSS 7.5 · AI score 6.7 · EPSS 0.00094
Exploits 1 · References 12
OSV
added 2025/02/18 10:15 p.m. · 1 views

UBUNTU-CVE-2024-56171

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...

CVSS 9.8 · AI score 6.6 · EPSS 0.00183
Exploits 0 · References 5
Patchstack
added 2024/06/19 8:57 a.m. · 3 views

WordPress Paid Memberships Pro plugin <= 2.12.10 - Cross-Site Request Forgery to Membership Modification vulnerability

Cross-Site Request Forgery to Membership Modification vulnerability discovered by Colin Xu in WordPress Plugin Paid Memberships Pro versions <= 2.12.10...

CVSS 5.4 · AI score 7 · EPSS 0.00201
Exploits 0 · References 1 · Affected Software 1
Patchstack
added 2024/06/19 12:0 a.m. · 12 views

WordPress Paid Memberships Pro Plugin <= 2.12.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Paid Memberships Pro; Type: Plugin; Vulnerable versions: <= 2.12.10; Fixed in: 3.0; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-1407; Patch priority: Low; CVSS severity: Low (5.4); PSID: 8bd40b5c1996; Credits: Colin Xu; Requir...

CVSS 5.4 · AI score 5.5 · EPSS 0.00201
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2024/04/24 12:0 a.m. · 1 views

WordPress plugin Paid Memberships Pro cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Paid...

CVSS 8.8 · AI score 6.8 · EPSS 0.00104
Exploits 0 · References 2
CNNVD
added 2024/04/24 12:0 a.m. · 1 views

WordPress plugin Paid Memberships Pro cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Paid...

CVSS 8.8 · AI score 6.8 · EPSS 0.00091
Exploits 0 · References 2
Positive Technologies
added 2024/04/24 12:0 a.m. · 1 views

PT-2024-24866 · Unknown · Paid Memberships Pro

Name of the Vulnerable Software and Affected Versions: Paid Memberships Pro versions n/a through 2.12.10. Description: A Cross-Site Request Forgery (CSRF) issue affects the software, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For...

CVSS 8.8 · AI score 7.3 · EPSS 0.00104
Exploits 0 · References 5
Patchstack
added 2024/04/22 12:0 a.m. · 8 views

WordPress Paid Memberships Pro Plugin <= 2.12.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Paid Memberships Pro; Type: Plugin; Vulnerable versions: <= 2.12.10; Fixed in: 3.0; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-32793; Patch priority: Low; CVSS severity: Low (5.4); PSID: f812b615b820; Credits: Majed Refaea...

CVSS 8.8 · AI score 6.7 · EPSS 0.00104
Exploits 0 · References 1 · Affected Software 1
Patchstack
added 2024/04/11 1:33 p.m. · 2 views

WordPress Paid Memberships Pro plugin <= 2.12.10 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by kodaichodai in WordPress Plugin Paid Memberships Pro versions <= 2.12.10...

CVSS 4.3 · AI score 8.5 · EPSS 0.09317
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2023/11/16 12:0 a.m. · 3 views

PT-2023-30289 · Redis · Redisgraph

Name of the Vulnerable Software and Affected Versions: RedisGraph version 2.12.10. Description: An issue in RedisGraph allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock ItemIsDeleted. Recommendations: For RedisGraph version 2.12.10, at the...

CVSS 9.8 · AI score 8 · EPSS 0.00095
Exploits 1 · References 5