WordPress Media Library Assistant plugin <= 3.35 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Media LIbrary Assistant versions = 3.35...

CVE-2024-34749

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user...

DEBIAN-CVE-2025-43971

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen...

CVE-2024-34749

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user...

CVE-2024-34749

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user...

Phormer vulnerable to cross-site scripting

Overview Phormer contains a cross-site scripting vulnerability CWE-79. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on t...

JVN#61054671: Phormer vulnerable to cross-site scripting

Phormer contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user. Solution Update the Software Update the software to the latest version according to the information provided by the developer. Phormer version 3.35 was released...

PT-2024-28030 · WordPress · Click To Chat – Holithemes

Name of the Vulnerable Software and Affected Versions: Click to Chat – HoliThemes plugin for WordPress versions up to, and including, 3.35 Description: The issue allows authenticated attackers with contributor access or above to include and execute arbitrary files on the server. This enables the...

WordPress Click to Chat plugin <= 3.35 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by haidv35 from Viettel Cyber Security in WordPress Plugin Click to Chat versions = 3.35...

Debian Security Advisory DSA 501-1 (exim)

The remote host is missing an update to exim announced via advisory DSA 501-1. OpenVAS Vulnerability Test $Id: deb5011.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 501-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...