EUVD-2024-47620

Malicious code in bioql PyPI...

WordPress Add Admin CSS plugin <= 2.0.1 - Unauthenticated Full Path Dislcosure vulnerability

Unauthenticated Full Path Dislcosure vulnerability discovered by stealthcopter in WordPress Plugin Add Admin CSS versions = 2.0.1...

WordPress Add Admin CSS Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure

Software Add Admin CSS Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6547 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 61a3002a46fe Credits stealthcopter Required privile...

CVE-2024-6547

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

CVE-2024-6547 Add Admin CSS <= 2.0.1 - Unauthenticated Full Path Dislcosure

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

CVE-2024-6547 Add Admin CSS <= 2.0.1 - Unauthenticated Full Path Dislcosure

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

WordPress plugin Add Admin CSS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-37704 · WordPress · Add Admin Css

Name of the Vulnerable Software and Affected Versions: Add Admin CSS plugin for WordPress versions up to, and including, 2.0.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors on. This allows...

CVE-2022-40700

Server-Side Request Forgery SSRF vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress a...

CVE-2022-40700

Server-Side Request Forgery SSRF vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress a...

PT-2024-11631 · Agence Press · Css Adder By Agence-Press

Name of the Vulnerable Software and Affected Versions: Montonio for WooCommerce versions 6.0.1 and earlier Wpopal Core Features versions 1.5.8 and earlier ArcStone wp-amo versions 4.6.6 and earlier WooVirtualWallet – A virtual wallet for WooCommerce versions 2.2.1 and earlier WooVIP – Membership...

WordPress plugin Admin CSS MU code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the...

GHSA-J5C3-R84F-9596 Arbitrary File Read in Admin JS CSS files

Impact It was observed that the /admin/misc/script-proxy API endpoint accessible by an authenticated administrator user and is vulnerable arbitrary JavaScript, CSS file read via the "scriptPath" and "scripts" parameters. The "scriptPath" parameter is not sanitized properly and is vulnerable to pa...

WordPress Admin CSS MU Plugin <= 2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software Admin CSS MU Type Plugin Vulnerable versions = 2.6 Fixed in 2.7 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f8576e8732f6 Credits Dave Jong Patchstack Required privile...