6 matches found
PT-2026-42770
Directory traversal in Follett Software's Destiny Library Manager 22 0 2 rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter...
š Yoast SEO 22.5 Cross Site Scripting
These are details relating a cross site scripting vulnerability in Yoast SEO versions 22.5 and below that was originally discovered in 2024. CVE-2024-4041 Yoast SEO /?page=%22%20onmouseover%3D%22alertdocument.domain%22%20x%3D%22 3. In the admin bar, open the Yoast menu and hover/click Get Yoast S...
CVE-2023-5209
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...
PT-2023-14454 Ā· Navblue S.A.S Ā· Navblue N-Ops & Crew
Name of the Vulnerable Software and Affected Versions: NAVBLUE S.A.S N-Ops & Crew version 22.5-rc.50 Description: The issue is related to Cross Site Scripting XSS, which is a type of security vulnerability that can allow an attacker to inject malicious scripts into a website. No information is...
CVE-2022-39983
File upload vulnerability in Pro Gamma Instant Developer RD3 22.5 r23, r30, and possibly earlier versions, allows attackers to execute arbitrary code...
CVE-2022-4270
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...