4 matches found
WordPress Quran Shortcode Plugin <= 1.5 is vulnerable to SQL Injection
Software: Quran Shortcode; Type: Plugin; Vulnerable versions: <= 1.5; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-51625; Patch priority: Low; CVSS severity: Low 8.5; PSID: c3f04d230d13; Credits: LVT-tholv2k; Required privilege: Contributor; Published ...
WordPress Image Tag Manager Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)
Software: Image Tag Manager; Type: Plugin; Vulnerable versions: <= 1.5; Fixed in: N/A; OWASP Top 10: A4: Insecure Design; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-22160; Patch priority: Medium; CVSS severity: Medium 7.1; PSID: 21a3315fa407; Credits: Dimas Maulana; Required...
PT-2023-25214 · Thinutech · Thinucms
Name of the Vulnerable Software and Affected Versions: ThinuTech ThinuCMS version 1.5 Description: A vulnerability has been found in an unknown functionality of the file /author posts.php. The manipulation of the argument author with the input g6g12alert1o8sdm leads to cross site scripting. The...
PT-2020-15449 · Jenkins · Jenkins Gitlab Authentication Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Gitlab Authentication Plugin versions 1.5 and earlier Description: The issue arises from the plugin not performing proper group authorization checks, leading to a privilege escalation. Specifically, it does not differentiate between...