Lucene search
+L

80 matches found

ptsecurity
ptsecurity
added 2024/03/21 12:0 a.m.8 views

PT-2024-22169 · Zippy · Zippy

Name of the Vulnerable Software and Affected Versions: Zippy versions 1.6.9 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability. This allows for the upload of files with potentially dangerous types, which could lead to security issues...

8.8CVSS9.4AI score0.00606EPSS
Exploits0References7
patchstack
patchstack
added 2024/03/13 12:0 a.m.12 views

WordPress Zippy Plugin <= 1.6.9 is vulnerable to Arbitrary File Upload

Software Zippy Type Plugin Vulnerable versions = 1.6.9 Fixed in 1.6.10 OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-27964 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID f32b93d01376 Credits stealthcopter Required...

8.8CVSS6.5AI score0.00606EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2024/01/17 12:0 a.m.7 views

The vulnerability of the Zippy plugin in the WordPress content management system, related to deficiencies in the deserialization mechanism, allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the Zippy plugin in the WordPress content management system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service interruptions...

9CVSS8.1AI score0.00478EPSS
Exploits0References3Affected Software1
osv
osv
added 2023/12/28 11:15 a.m.4 views

CVE-2023-36381

Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...

8.8CVSS5.8AI score0.00478EPSS
Exploits0References1
nvd
nvd
added 2023/12/28 11:15 a.m.18 views

CVE-2023-36381

Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...

8.8CVSS0.00478EPSS
Exploits0References1
prion
prion
added 2023/12/28 11:15 a.m.11 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...

6.5CVSS7.2AI score0.00478EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/12/28 10:34 a.m.37 views

CVE-2023-36381

CVE-2023-36381 affects the WordPress Zippy plugin (versions

8.8CVSS8.1AI score0.00478EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/12/28 10:34 a.m.30 views

CVE-2023-36381 WordPress Zippy Plugin <= 1.6.5 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...

6.6CVSS8.9AI score0.00478EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/12/28 12:0 a.m.4 views

WordPress Plugin Zippy Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

8.8CVSS6.8AI score0.00478EPSS
Exploits0References2
osv
osv
added 2023/11/30 4:15 p.m.4 views

CVE-2023-26533

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...

6.5CVSS7.3AI score
Exploits0References1
nvd
nvd
added 2023/11/30 4:15 p.m.19 views

CVE-2023-26533

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...

6.5CVSS0.00724EPSS
Exploits0References1
prion
prion
added 2023/11/30 4:15 p.m.19 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...

4CVSS7.1AI score0.00724EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/11/30 3:40 p.m.33 views

CVE-2023-26533

CVE-2023-26533 affects the Zippy WordPress plugin by Gesundheit Bewegt GmbH, up to version 1.6.1. The vulnerability exposes sensitive information to unauthorized actors due to information disclosure. A fix is available in version 1.6.2. CVSS v3.1 base score is 6.5 (Medium), with network attack ve...

6.5CVSS7.2AI score0.00724EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/11/30 3:40 p.m.28 views

CVE-2023-26533 WordPress Zippy Plugin <= 1.6.1 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...

6.5CVSS6.7AI score0.00724EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/11/30 12:0 a.m.4 views

PT-2023-20709 · Zippy · Zippy

Name of the Vulnerable Software and Affected Versions: Zippy versions 1.6.1 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not have access to it...

6.5CVSS6.8AI score0.00724EPSS
Exploits0References6
cnnvd
cnnvd
added 2023/11/30 12:0 a.m.3 views

WordPress Plugin Zippy Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Zippy suffers from an...

6.5CVSS6.3AI score0.00724EPSS
Exploits0References1
patchstack
patchstack
added 2023/07/12 12:0 a.m.11 views

WordPress Zippy Plugin <= 1.6.2 is vulnerable to Broken Access Control

Software Zippy Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Broken Access Control CVE CVE-2023-34381 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e9431ff4e9e3 Credits Emili Castells Required privilege...

6.3AI score0.00573EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2023/06/28 12:0 a.m.10 views

WordPress Zippy Plugin <= 1.6.5 is vulnerable to PHP Object Injection

Software Zippy Type Plugin Vulnerable versions = 1.6.5 Fixed in 1.6.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-36381 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 06b21be6012c Credits Jeong Seong Ho Required privilege Author Published 2...

8.8CVSS6.9AI score0.00478EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2023/03/30 12:0 a.m.10 views

WordPress Zippy Plugin <= 1.6.1 is vulnerable to Sensitive Data Exposure

Software Zippy Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-26533 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 652b24a2c5be Credits Junsu Yeo Required privilege...

6.5CVSS6.6AI score0.00724EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2023/02/13 12:0 a.m.6 views

Zippy Store 跨站脚本漏洞

Zippy Store is a web interface accounting program by Leon Personal Developer. Designed to automate small businesses through a simplified form of accounts without the use of full accounts. A security vulnerability exists in Zippy Store version v6.6.0, which stems from a cross-site scripting XSS...

6.1CVSS5.9AI score0.00473EPSS
Exploits1References2
Rows per page
Query Builder