96 matches found
CVE-2024-11219 Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 3.0.6 - Unauthetnicated Path Traversal to Arbitrary Image View
The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the getimage function. This makes it possible for unauthenticated attackers to view arbitrary images on the server, whi...
PT-2024-28731 · Npm · @Jmondi/Url-To-Png
Name of the Vulnerable Software and Affected Versions: @jmondi/url-to-png versions prior to 2.1.2 Description: The issue arises from the lack of sanitization of the ImageId input in the code, leading to a path traversal vulnerability. This allows an attacker to store an image in an arbitrary...
CVE-2022-0377 LearnPress < 4.1.5 - Arbitrary Image Renaming
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the...
Wordpress Plugin Learnpress 加密问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An encryption issue vulnerability...
WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming
Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...
LearnPress < 4.1.5 - Arbitrary Image Renaming
Users of the plugin can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request,...
LearnPress < 4.1.5 - Arbitrary Image Renaming
Users of the plugin can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request,...
WordPress LearnPress plugin <= 4.1.4.1 - Arbitrary Image Renaming vulnerability
Arbitrary Image Renaming vulnerability discovered by Ceylan Bozogullarindan in WordPress LearnPress plugin versions = 4.1.4.1. Solution Update the WordPress LearnPress plugin to the latest available version at least 4.1.5...
Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF)
The plugin does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion PoC The PoC varies based on the endpoint targeted. Here is one example that will modify the...
Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload
The plugin does not perform capability checks in its spluploadserimg AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload images. v6.9.0 removed the unauthenticated hook, however, no capability and CSRF checks were implemented,...
WordPress Stylish Price List plugin <= 6.9.0 - Arbitrary Image Upload vulnerability
Arbitrary Image Upload vulnerability discovered by apple502j in WordPress Stylish Price List plugin versions = 6.9.0. Solution Update the WordPress Stylish Price List plugin to the latest available version at least 6.9.1...
Stylish Price List < 6.9.1 - Subscriber+ Arbitrary Image Upload
The plugin does not perform capability checks in its spluploadserimg AJAX action available to authenticated users, which could allow any authenticated users, such as subscriber, to upload arbitrary images...
WordPress Stylish Price List plugin <= 6.8.14 - Unauthenticated Arbitrary Image Upload vulnerability
Unauthenticated Arbitrary Image Upload vulnerability discovered by apple502j in WordPress Stylish Price List plugin versions = 6.8.14. Solution Update the WordPress Stylish Price List plugin to the latest available version at least 6.9.0...
CVE-2021-3495
An incorrect access control flaw was found in the kiali-operator in versions before 1.33.0 and before 1.24.7. This flaw allows an attacker with a basic level of access to the cluster to deploy a kiali operand to use this vulnerability and deploy a given image to anywhere in the cluster, potential...
DEBIAN-CVE-2020-10648
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration...
CVE-2019-3895
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...
CVE-2019-3895
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...
UBUNTU-CVE-2019-3895
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...
PYSEC-2019-194
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...
CVE-2019-3895
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...