80 matches found
PT-2024-22169 · Zippy · Zippy
Name of the Vulnerable Software and Affected Versions: Zippy versions 1.6.9 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability. This allows for the upload of files with potentially dangerous types, which could lead to security issues...
WordPress Zippy Plugin <= 1.6.9 is vulnerable to Arbitrary File Upload
Software Zippy Type Plugin Vulnerable versions = 1.6.9 Fixed in 1.6.10 OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-27964 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID f32b93d01376 Credits stealthcopter Required...
The vulnerability of the Zippy plugin in the WordPress content management system, related to deficiencies in the deserialization mechanism, allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the Zippy plugin in the WordPress content management system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service interruptions...
CVE-2023-36381
Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...
CVE-2023-36381
Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...
CVE-2023-36381
CVE-2023-36381 affects the WordPress Zippy plugin (versions
CVE-2023-36381 WordPress Zippy Plugin <= 1.6.5 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5...
WordPress Plugin Zippy Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
CVE-2023-26533
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...
CVE-2023-26533
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...
Code injection
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...
CVE-2023-26533
CVE-2023-26533 affects the Zippy WordPress plugin by Gesundheit Bewegt GmbH, up to version 1.6.1. The vulnerability exposes sensitive information to unauthorized actors due to information disclosure. A fix is available in version 1.6.2. CVSS v3.1 base score is 6.5 (Medium), with network attack ve...
CVE-2023-26533 WordPress Zippy Plugin <= 1.6.1 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1...
PT-2023-20709 · Zippy · Zippy
Name of the Vulnerable Software and Affected Versions: Zippy versions 1.6.1 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not have access to it...
WordPress Plugin Zippy Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Zippy suffers from an...
WordPress Zippy Plugin <= 1.6.2 is vulnerable to Broken Access Control
Software Zippy Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Broken Access Control CVE CVE-2023-34381 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e9431ff4e9e3 Credits Emili Castells Required privilege...
WordPress Zippy Plugin <= 1.6.5 is vulnerable to PHP Object Injection
Software Zippy Type Plugin Vulnerable versions = 1.6.5 Fixed in 1.6.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-36381 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 06b21be6012c Credits Jeong Seong Ho Required privilege Author Published 2...
WordPress Zippy Plugin <= 1.6.1 is vulnerable to Sensitive Data Exposure
Software Zippy Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-26533 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 652b24a2c5be Credits Junsu Yeo Required privilege...
Zippy Store 跨站脚本漏洞
Zippy Store is a web interface accounting program by Leon Personal Developer. Designed to automate small businesses through a simplified form of accounts without the use of full accounts. A security vulnerability exists in Zippy Store version v6.6.0, which stems from a cross-site scripting XSS...