6 matches found
WordPress Link Whisper Free plugin < 0.9.1 - Unauthenticated Settings and User Meta Update vulnerability
Unauthenticated Settings and User Meta Update vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin Link Whisper Free versions 0.9.1...
PT-2024-17310 · WordPress · Glomex Oembed Plugin
Name of the Vulnerable Software and Affected Versions: glomex oEmbed plugin for WordPress versions prior to 0.9.1 Description: The glomex oEmbed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's glomex integration shortcode due to insufficient input sanitization a...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the isjailbreak function...
PT-2022-28151 · Usememos · Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation or escaping, allowing an attacke...
PT-2022-28133 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository usememos/memos. CSRF is an attack that tricks a user into performing unintended actions on a web application...
memos 访问控制错误漏洞
memos is an open source hosted meme center with knowledge management and social features. An access control error vulnerability exists in versions of memos prior to 0.9.1, which can be exploited by an attacker to archive victim memos via IDOR...