55 matches found
EUVD-2018-18114
Malware in sbrugna...
EUVD-2023-43624
Malicious code in bioql PyPI...
EUVD-2024-17226
Malicious code in bioql PyPI...
EUVD-2024-35507
Malicious code in bioql PyPI...
EUVD-2023-59121
Malicious code in bioql PyPI...
CVE-2024-1476
The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages when maintenance mo...
CVE-2024-35749
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6...
CVE-2023-39926
Unauth. Stored Cross-Site Scripting XSS vulnerability in Acurax Under Construction / Maintenance Mode from Acurax plugin = 2.6 versions...
CVE-2023-6922
The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acxcsmasubscribeajax' function. This can allow authenticated attackers to extract sensitive data such as names and email...
CVE-2018-6357
The acxasmwsaveordercallback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant socialwidgeticonarrayorder XSS...
Under Construction / Maintenance Mode from Acurax <= 2.6 - Unauthenticated IP Spoofing
Description The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 2.6 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. This makes...
CVE-2024-35749
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6...
CVE-2024-35749
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6...
CVE-2024-35749
CVE-2024-35749 describes an unauthenticated IP spoofing flaw in the Acurax Under Construction / Maintenance Mode WordPress plugin, affecting versions up to 2.6. The vulnerability enables bypass of access controls by spoofing the client IP, effectively allowing an attacker to bypass maintenance mo...
CVE-2024-35749 WordPress Under Construction / Maintenance Mode from Acurax plugin <= 2.6 - IP Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6...
CVE-2024-35749 WordPress Under Construction / Maintenance Mode from Acurax plugin <= 2.6 - IP Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6...
WordPress Under Construction / Maintenance Mode from Acurax plugin <= 2.6 - IP Bypass vulnerability
IP Bypass vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Under Construction / Maintenance Mode from Acurax versions = 2.6...
WordPress Under Construction / Maintenance Mode from Acurax Plugin <= 2.6 is vulnerable to Bypass Vulnerability
Software Under Construction / Maintenance Mode from Acurax Type Plugin Vulnerable versions = 2.6 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-35749 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID f51ad499112f Credits Mika...
CVE-2024-1476
The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages when maintenance mo...
CVE-2023-6922
The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acxcsmasubscribeajax' function. This can allow authenticated attackers to extract sensitive data such as names and email...