4 matches found
CVE-2026-5131
GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker to communicate with the stream and upload any XML or JSON file, which will be processed by the name...
CVE-2026-5131
GREENmod uses named pipes for communication between plugins, the web portal, and the system service, with ACLs configured incorrectly. This can allow an attacker to communicate with the stream and upload XML or JSON files, which are processed by the named pipe under the service user’s privileges,...
CVE-2023-45106
Cross-Site Request Forgery CSRF vulnerability in Fedor Urvanov, Aram Kocharyan Urvanov Syntax Highlighter plugin = 2.8.33 versions...
WordPress Urvanov Syntax Highlighter Plugin <= 2.8.33 is vulnerable to Cross Site Request Forgery (CSRF)
Software Urvanov Syntax Highlighter Type Plugin Vulnerable versions = 2.8.33 Fixed in 2.8.34 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45106 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 73e06e46354c Credits Mika...