1143 matches found
CVE-2024-4371
CVE-2024-4371 applies to the WordPress plugin “CoDesigner – Elementor Addon for WooCommerce” (CoDesigner WooCommerce Builder for Elementor). It describes an unauthenticated PHP Object Injection in versions up to 4.4.1 caused by deserialization of untrusted input from the recently_viewed_products ...
CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More < 4.5 - Unauthenticated PHP Object Injection
Description The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recentlyviewedproducts cookie. Thi...
ghtml Cross-Site Scripting (XSS) vulnerability
Summary It is possible to introduce user-controlled JavaScript code and trigger a Cross-Site Scripting XSS vulnerability in some cases. Actions Taken - Updated the documentation to clarify that while ghtml escapes characters with special meaning in HTML, it does not provide comprehensive protecti...
CVE-2023-45707
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks...
CVE-2023-45707
CVE-2023-45707 affects HCL Connections Docs. Connected PT-security data specifies that versions prior to 2.0.2 are vulnerable to cross-site scripting, enabling an attacker to leverage the issue to execute arbitrary code and potentially disclose credentials. The remediation is to upgrade to a vers...
CVE-2023-45707 HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks...
CVE-2023-45707 HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks...
CVE-2024-33999 moodle: unsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.php
The referrer URL used by MFA required additional sanitizing, rather than being used directly...
Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC 1. Go to the plugin settings 2. In the "Additional CSS" field, enter the payload...
Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed 1. Go to the plugin settings 2. In the "Additional CSS" field, enter the payload 3. Save...
vantage6 安全漏洞
vantage6 is a vantage6 open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security vulnerability exists in versions of vantage6 prior to 4.5.0 that stems from the ability of collaboration administrators to add additional organizations to their...
PT-2024-25015 · Vantage6 · Vantage6
Name of the Vulnerable Software and Affected Versions: vantage6 versions prior to 4.5.0rc3 Description: The issue allows collaboration administrators to add extra organizations to their collaboration, extending their influence. They can create new users for which they know the passwords and use...
CVE-2023-52679 of: Fix double free in of_parse_phandle_with_args_map
In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap In ofparsephandlewithargsmap the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired by the previous iteration of the inner loop. Thi...
CVE-2024-3263 Improper authentication in YMS VIS Pro
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and farm. Due to a combination of improper method for system credentials generation and weak password policy, passwords can be easily guessed and enumerated through brute force attacks. Successful attacks c...
CVE-2024-3263
CVE-2024-3263 affects YMS VIS Pro due to improper system-credentials generation and weak password policy, enabling brute-force login attempts. Public details identify affected versions as VIS Pro 3.3.0.7). There is no explicit exploitation details or public in-the-wild exploit information provide...
CVE-2024-34346 Deno contains a permission escalation via open of privileged files with missing `--deny` flag
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access...
CVE-2024-20821
CVE-2024-20821 affects Samsung Exynos SoCs (e.g., Exynos1380, Exynos1330, Exynos2400) where a vulnerability allows a local attacker to reconfigure OTP and transit into RMA mode, disabling security features. The underlying issue is a reconfigurable OTP that requires an additional privilege to cont...
CVE-2024-3240 ConvertPlug <= 3.5.25 - Authenticated (Contributor+) PHP Object Injection
The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.25 via deserialization of untrusted input from the 'settingsencoded' attribute of the 'smileinfobar' shortcode. This makes it possible for authenticated attackers, with...
CVE-2024-3240
CVE-2024-3240 affects the ConvertPlug (ConvertPlus) WordPress plugin up to version 3.5.25. It allows authenticated users withContributor+ access to trigger a PHP Object Injection via deserialization of untrusted data in the shortcodes’ settings_encoded attribute of the smile_info_bar element, pot...
GHSA-V63G-V339-2673 Jenkins Script Security Plugin has sandbox bypass vulnerability involving crafted constructor bodies
Jenkins Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call ...