13 matches found
WordPress plugin WP Cassify cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Post Grid and Gutenberg Blocks – ComboBlocks input validation error vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin.... WordPress plugin Post Grid and...
PT-2024-34711
Name of the Vulnerable Software and Affected Versions: CyberPanel versions prior to 2.3.5 Description: CyberPanel aka Cyber Panel is susceptible to a command injection issue. This allows for unauthenticated remote code execution through the /filemanager/upload endpoint via shell metacharacters. T...
CVE-2024-37122
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Biplob Adhikari Accordions allows Stored XSS. This issue affects Accordions: from n/a through 2.3.5...
PT-2024-27425 · Foxiz · Foxiz
Name of the Vulnerable Software and Affected Versions: Foxiz versions 2.3.5 and earlier Description: A Server-Side Request Forgery SSRF vulnerability has been identified in Theme-Ruby Foxiz. This issue allows for unauthorized access to internal resources, potentially leading to sensitive data...
WordPress theme Foxiz code issue vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. WordPress theme is a theme for WordPress. A code issue vulnerability exists in WordPress theme Foxiz version 2.3.5 and earlier versions. An attacker...
WordPress Accordions plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jean Tirstan T Patchstack Alliance in WordPress Plugin Accordions versions <= 2.3.5...
PT-2024-23876 · WordPress · Webtoffee Wordpress Comments Import & Export
Name of the Vulnerable Software and Affected Versions: WebToffee WordPress Comments Import & Export versions 2.3.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended action...
PT-2022-11595 · Claviska · Jquery Minicolors
Name of the Vulnerable Software and Affected Versions: claviska jquery-minicolors versions up to 2.3.5 Description: A vulnerability was found in the file jquery.minicolors.js, which leads to cross site scripting. The attack may be launched remotely. The manipulation affects some unknown...
WordPress plugin Photospace Gallery cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Photospace Galler...
PT-2022-24229 · Dean Oakley · Photospace Gallery
Name of the Vulnerable Software and Affected Versions: Dean Oakley's Photospace Gallery plugin versions 2.3.5 and earlier Description: The issue allows users with a subscriber or higher role to change plugin settings due to a Broken Access Control vulnerability. This vulnerability affects the...
NVIDIA Data Center GPU Manager Remote Memory Corruption Exploit
NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopback interface, but can also listen on the network for requests coming in on port 5555 remote mgmt. A native client named DCGMI allows users to make...
PT-2013-4484 · Ubiquiti Networks · Unifi
Name of the Vulnerable Software and Affected Versions: Ubiquiti Networks UniFi versions 2.3.5 and earlier Description: A cross-site scripting XSS issue exists in the administer interface of the UniFi Controller, allowing remote attackers to inject arbitrary web script or HTML via a crafted client...