CVE-2024-54313 WordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerability

Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL Customer: from n/a through 3.1.25...

WordPress plugin FULL Customer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-36195 · Full · Full

Name of the Vulnerable Software and Affected Versions: FULL Customer versions 3.1.25 and earlier Description: The issue is related to a Path Traversal vulnerability. This allows for unauthorized access to files and directories. The estimated number of potentially affected devices is not specified...

WordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin FULL Customer versions = 3.1.25...

WordPress plugin Icegram 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Ditty Plugin < 3.1.25 is vulnerable to Cross Site Scripting (XSS)

Software Ditty Type Plugin Vulnerable versions 3.1.25 Fixed in 3.1.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4148 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c4ba1ff51af7 Credits Animesh Gaurav Required...

WordPress plugin Ditty cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS via excess memory allocations...

.NET Core Multiple Denial of Service Vulnerabilities (KB5014326)

This host is missing an important security update according to Microsoft KB5014326. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Sendinblue plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress Plugin Sendinblue prior to version 3.1.25, which...

PT-2022-9511 · Sendinblue · The Newsletter

Name of the Vulnerable Software and Affected Versions: The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin versions prior to 3.1.25 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the sib-statistics-date paramet...