282 matches found
The vulnerability of the Adobe Animate software for creating multimedia and computer animations, related to a countable loss of significance, allows attackers to execute arbitrary code.
The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to a countable amount of significance loss. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2024-11082 Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...
CVE-2024-11082 Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...
WordPress plugin Tumult Hype Animations 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
PT-2024-16745 · Tumult · Tumult Hype Animations
Name of the Vulnerable Software and Affected Versions: Tumult Hype Animations plugin for WordPress versions up to, and including, 1.9.15 Description: The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimations...
WordPress Tumult Hype Animations plugin <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function vulnerability
Authenticated Author+ Arbitrary File Upload via hypeanimationspanel Function vulnerability discovered by vgo0 in WordPress Plugin Tumult Hype Animations versions = 1.9.15...
Fedora 40 : webkitgtk (2024-4d940908db)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4d940908db advisory. Update to WebKitGTK 2.46.3: Flatten layers to a plane when preseve-3d style is set. Fix DuckDuckGo links by adding a user agent quirk. Fix several...
CVE-2024-10543
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimationsgetcontent function in all versions up to, and including, 1.9.14. This makes it possible for authenticated attackers, with Subscriber-level access an...
CVE-2024-10543
CVE-2024-10543 affects Tumult Hype Animations plugin for WordPress. The vulnerability is a missing capability check in hypeanimations_getcontent that enables authenticated users with Subscriber-level access or higher to retrieve animation data. It affects all versions up to and including 1.9.14. ...
CVE-2024-10543 Tumult Hype Animations <= 1.9.14 - Missing Authorization
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimationsgetcontent function in all versions up to, and including, 1.9.14. This makes it possible for authenticated attackers, with Subscriber-level access an...
WordPress plugin Tumult Hype Animations 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Tumult Hype Animations plugin <= 1.9.14 - Missing Authorization vulnerability
Missing Authorization vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Tumult Hype Animations versions = 1.9.14...
PT-2024-16357 · Tumult · Tumult Hype Animations
Name of the Vulnerable Software and Affected Versions: Tumult Hype Animations plugin for WordPress versions up to, and including, 1.9.14 Description: The issue is related to unauthorized access of data due to a missing capability check on the hypeanimations getcontent function. This allows...
WordPress Tumult Hype Animations Plugin <= 1.9.14 is vulnerable to Broken Access Control
Software Tumult Hype Animations Type Plugin Vulnerable versions = 1.9.14 Fixed in 1.9.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10543 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1d6ac9386f94 Credits Tieu Pham Trong Nhan...
CVE-2024-49308 WordPress Animator – Scroll Triggered Animations plugin <= 3.0.15 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Animator scroll-triggered-animations allows Reflected XSS.This issue affects Animator: from n/a through = 3.0.15...
[SECURITY] Fedora 40 Update: qt6-qtlottie-6.7.1-1.fc40
Qt Lottie Animation provides a QML API for rendering graphics and animations that are exported in JSON format by the Bodymovin plugin for Adobe After Effects...
The vulnerability of the Adobe Animate software for creating multimedia and computer animations, related to integer overflow, allows attackers to execute arbitrary code.
The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2024-3189
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' blocks in all versions up to, and including,...
CVE-2024-3189 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' blocks in all versions up to, and including,...
CVE-2024-3189
CVE-2024-3189 affects Gutenberg Blocks by Kadence Blocks – Page Builder Features for WordPress. All versions ≤ 3.2.37 are vulnerable to Stored XSS via the plugin blocks (Testimonial, Progress Bar, Lottie Animations, Row Layout, Google Maps, Advanced Gallery) due to insufficient input sanitization...