Lucene search
K

84 matches found

CNNVD
CNNVD
added 2024/04/09 12:0 a.m.5 views

WordPress Plugin Video Conferencing with Zoom 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS8.4AI score0.00462EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/12 7:32 p.m.11 views

CVE-2024-2031 Video Conferencing with Zoom <= 4.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Video Conferencing with Zoom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'zoomrecordingsbymeeting' shortcode in all versions up to, and including, 4.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS7.4AI score0.0032EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/12 12:0 a.m.6 views

WordPress Video Conferencing with Zoom Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Video Conferencing with Zoom Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2031 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9603227b9596 Credits Krzysztof...

6.4CVSS5.8AI score0.0032EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/17 5:2 p.m.11 views

CVE-2022-41619 WordPress Image Zoom Plugin <= 1.8.8 is vulnerable to Broken Access Control

Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a through 1.8.8...

5.4CVSS7.2AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/17 5:2 p.m.28 views

CVE-2022-41619 WordPress Image Zoom Plugin <= 1.8.8 is vulnerable to Broken Access Control

Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a through 1.8.8...

5.4CVSS6.7AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.3 views

WordPress plugin Image Zoom security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.5CVSS6.6AI score0.00364EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/07/27 12:0 a.m.11 views

WordPress Video Conferencing with Zoom Plugin <= 4.2.1 is vulnerable to Sensitive Data Exposure

Software Video Conferencing with Zoom Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-3947 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID 55e6071a651c Credits Lana Codes...

5.3CVSS6.9AI score0.00322EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/07/26 4:15 a.m.21 views

Hardcoded credentials

The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'vczapiencryptdecrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meetin...

5CVSS5.4AI score0.00322EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/26 3:34 a.m.9 views

CVE-2023-3947

The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'vczapiencryptdecrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meetin...

3.7CVSS5.2AI score0.00322EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.5 views

WordPress Plugin Video Conferencing with Zoom 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS6.8AI score0.00322EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.9 views

PT-2023-26960 · WordPress · Video Conferencing With Zoom

Name of the Vulnerable Software and Affected Versions: Video Conferencing with Zoom plugin for WordPress versions up to, and including, 4.2.1 Description: The issue is related to Sensitive Information Exposure due to a hardcoded encryption key in the vczapi encrypt decrypt function. This allows...

5.3CVSS6.1AI score0.00322EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/01/16 3:38 p.m.6 views

CVE-2022-4578 Video Conferencing with Zoom < 4.0.10 - Contributor+ Stored XSS

The Video Conferencing with Zoom WordPress plugin before 4.0.10 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used again...

6.1AI score0.00471EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/01/16 12:0 a.m.6 views

WordPress plugin Video Conferencing with Zoom 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/05/31 12:0 a.m.8 views

WordPress Video Conferencing with Zoom plugin <= 3.9.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress Video Conferencing with Zoom plugin versions = 3.9.2. Solution Update the WordPress Video Conferencing with Zoom plugin to the latest available version at least 3.9.3...

2.3AI score
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.30 views

WordPress plugin 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress eRoom-Zoom Meetings & Webinar plugin 1.3.7 an...

4.3CVSS5.7AI score0.00432EPSS
Exploits0References3
CNVD
CNVD
added 2021/09/29 12:0 a.m.24 views

Microsoft Outlook Input Validation Error Vulnerability

Microsoft Outlook is a set of email applications from Microsoft Corporation USA. Microsoft Outlook is vulnerable to an input validation error that originates from a failure to properly validate the validity of the package during the product's Zoom Plugin installation. An attacker could cause an...

7.8CVSS3.2AI score0.00221EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/29 12:0 a.m.16 views

Zoom Plugin Code Execution Vulnerability

Zoom Plugin is a plug-in from Zoom ZOOM, Inc. A security vulnerability exists in previous versions of Zoom Plugin for Microsoft Outlook for MacOS 5.3.52553.0918, which stems from a Time of Check Use TOC TOU vulnerability included in the plug-in installation process. An attacker could exploit this...

7.5CVSS3.2AI score0.00566EPSS
Exploits0References1
NVD
NVD
added 2021/09/27 2:15 p.m.24 views

CVE-2021-34410

A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root...

7.8CVSS0.00221EPSS
Exploits0References1
Prion
Prion
added 2021/09/27 2:15 p.m.14 views

Code injection

All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use TOC/TOU vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the...

6CVSS7.4AI score0.00566EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/27 1:55 p.m.28 views

CVE-2021-34410

A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root...

8AI score0.00221EPSS
Exploits0References1
Rows per page
Query Builder