40 matches found
Medium: python3-urllib3
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
WordPress Station Pro plugin <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via width and height Parameters vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via width and height Parameters vulnerability discovered by Peter Thaleikis in WordPress Plugin Station Pro versions = 2.4.2...
WordPress WPAdverts plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin WPAdverts versions = 2.2.5...
WordPress LMSACE Connect plugin <= 3.4 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin LMSACE Connect versions = 3.4...
WordPress AiBud WP plugin <= 1.9 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Ryan Kozak Patchstack Bug Bounty Program in WordPress Plugin AiBud WP versions = 1.9...
WordPress RSS Digest plugin <= 1.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by johska in WordPress Plugin RSS Digest versions = 1.5...
WordPress Relocate Upload plugin <= 0.24.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Relocate Upload versions = 0.24.1...
WordPress File Manager Plugin For Wordpress plugin <= 7.5 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin File Manager Plugin For Wordpress versions = 7.5...
WordPress Hover Effects plugin <= 2.1.2 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Jamaal ahmed in WordPress Plugin Hover Effects versions = 2.1.2...
WordPress WP-PhotoNav plugin <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photonav Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via photonav Shortcode vulnerability discovered by Gilang in WordPress Plugin WP-PhotoNav versions = 1.2.2...
WordPress Inventory Presser plugin <= 15.2.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by greenhats in WordPress Plugin Inventory Presser versions = 15.2.6...
WordPress IndieBlocks plugin <= 0.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via kind Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via kind Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin IndieBlocks versions = 0.13.2...
WordPress Slim SEO plugin <= 4.5.4 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by ChuongVN in WordPress Plugin Slim SEO versions = 4.5.4...
WordPress WP-Addpub plugin <= 1.2.8 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by muhammad yudha in WordPress Plugin WP-Addpub versions = 1.2.8...
WordPress WP Post Corrector plugin <= 1.0.2 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin WP Post Corrector versions = 1.0.2...
WordPress WP Mail Options plugin <= 0.2.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Mail Options versions = 0.2.3...
WordPress Elite Video Player plugin <= 10.0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Anhchangmutrang in WordPress Plugin Elite Video Player versions = 10.0.5...
WordPress Store Locator WordPress plugin <= 1.5.1 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Nguyen Kim Sang in WordPress Plugin Store Locator WordPress versions = 1.5.1...
WordPress WP Travel Engine plugin <= 6.5.1 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by muhammad yudha in WordPress Plugin WP Travel Engine versions = 6.5.1...
CVE-2012-4145
Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue."...