
2464 matches found

CNNVD
added 2022/05/02 12:00 a.m. · 3 views

WordPress plugin Cloudways Breeze cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Cloudways Breeze plugin 2.0.2 and earlier versions have a cross-site scripting vulnerabilit...

CVSS 6.5 · AI score 5.6 · EPSS 0.00527
Exploits 0 · References 4
RedHat Linux
added 2022/04/27 9:46 a.m. · 70 views

Low: Red Hat Security Advisory: Red Hat AMQ Broker 7.8.6 release and security update

Red Hat AMQ Broker 7.8.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 9.8 · AI score 7 · EPSS 0.99677
Exploits 100 · References 5
OSV
added 2022/04/25 4:16 p.m. · 3 views

CVE-2022-0656

The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udrawconverturltobase64 AJAX action available to both unauthenticated and authenticated users before using it in the file_get_contents function and returning its content base64 encoded in the...

CVSS 7.5 · AI score 5.9 · EPSS 0.07736
Exploits 2 · References 1
ATTACKERKB
added 2022/04/25 4:16 p.m. · 3 views

CVE-2022-0287

The myCred WordPress plugin before 2.4.4.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as a subscriber, to call it and retrieve all email addresses from the blog...

CVSS 4.3 · AI score 5.5 · EPSS 0.00752
Exploits 1 · References 2
Positive Technologies
added 2022/04/25 12:00 a.m. · 3 views

PT-2022-13096 · WordPress · Mycred

Name of the Vulnerable Software and Affected Versions: myCred WordPress plugin versions prior to 2.4.4.1 Description: The issue affects the myCred WordPress plugin, where the mycred-tools-select-user AJAX action lacks authorization, allowing any authenticated user to retrieve all email addresses...

CVSS 4.3 · AI score 4.4 · EPSS 0.00752
Exploits 1 · References 5
CNNVD
added 2022/04/25 12:00 a.m. · 4 views

WordPress plugin Donations SQL injection vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. The WordPress Donations plugin has a SQL injection vulnerability that stems from a failure to properly sanitize and escape the...

CVSS 9.8 · AI score 6 · EPSS 0.01743
Exploits 2 · References 3
CNNVD
added 2022/04/25 12:00 a.m. · 2 views

WordPress plugin Menubar cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.4 · AI score 5 · EPSS 0.0058
Exploits 2 · References 3
CNNVD
added 2022/04/18 12:00 a.m. · 6 views

WordPress plugins Easy Social Feed Free cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Easy Social Feed Free plugin is vulnerable to a cross-site scripting vulnerability that stems from...

CVSS 6.1 · AI score 5.5 · EPSS 0.02856
Exploits 1 · References 2
RedHat Linux
added 2022/04/14 5:33 p.m. · 86 views

Low: Red Hat Security Advisory: Red Hat Decision Manager 7.12.1 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVSS 9.8 · AI score 7 · EPSS 0.99677
Exploits 100 · References 4
OSV
added 2022/04/11 3:15 p.m. · 4 views

CVE-2022-0447

The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the posttypes parameter before outputting it back in the response of the postgridupdatetaxonomiestermsbyposttypes AJAX action, available to any authenticated users, leading to a Reflected Cross-Site Scripting...

CVSS 6.4 · AI score 6.6 · EPSS 0.0062
Exploits 2 · References 1
Veracode
added 2022/04/10 12:42 a.m. · 25 views

Denial Of Service (DoS)

libnbd is vulnerable to denial of service. The vulnerability exists when performing multi-threaded copies using asynchronous nbd calls which results in the silent creation of a corrupted destination image...

CVSS 4.8 · AI score 2.2 · EPSS 0.00759
Exploits 1 · References 7 · Affected Software 1
CNNVD
added 2022/04/10 12:00 a.m. · 3 views

zbzcms SQL injection vulnerability

zbzcms Station Helper CMS is a content management website of China Station Helper CMS zbzcms Inc. zbzcms version 1.0 has a SQL injection vulnerability through the id parameter of /php/ajax.php. No detailed vulnerability details are...

CVSS 6.5 · AI score 5.8 · EPSS 0.00639
Exploits 0 · References 2
vulnersOsv
added 2022/04/07 12:00 a.m. · 2 views

@0xcert/ethereum-bitski-backend-provider (>=2.0.0 <=2.0.3), @0xcert/ethereum-bitski-frontend-provider (>=2.0.0 <=2.0.3) +855 more potentially affected by CVE-2021-43138 via async (>=3.0.0 <=3.2.1)

async NPM version =3.0.0, =2.0.0, =2.0.0, =4.3.0, =0.0.6-1, =3.6.5, =0.0.73, =1.5.1, =1.7.58, =0.0.1, =1.3.6, =13.0.6, =5.1.1, =1.3.1, =0.0.2, =0.4.0-next.28 - @ahm-monash/private-test =1.0.0 and more Source cves: CVE-2021-43138 Source advisory: OSV:GHSA-FWR7-V2MV-HH25...

CVSS 7.8 · AI score 6.7 · EPSS 0.03346
Exploits 1
CNNVD
added 2022/03/28 12:00 a.m. · 3 views

WordPress plugin SpeakOut! Email Petitions SQL injection vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. WordPress plugin is a WordPress open source application plugin. In WordPress SpeakOut!, the id parameter of the dkspeakoutsendmail AJAX operation is not sanitized and escaped before it is used; an attacker can u...

CVSS 9.8 · AI score 6.1 · EPSS 0.08785
Exploits 2 · References 2
OSV
added 2022/03/21 7:15 p.m. · 2 views

CVE-2022-0694

The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the calendar parameter before using it in a SQL statement via the abcbookinggetSingleCalendar AJAX action available to both unauthenticated and authenticated users, leading to an unauthenticated SQL injection...

CVSS 9.8 · AI score 7.3 · EPSS 0.01821
Exploits 2 · References 2
RedHat Linux
added 2022/03/21 7:54 a.m. · 4 views

libnbd: nbdcopy: missing error handling may create corrupted destination image

A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...

CVSS 4.8 · AI score 6.6 · EPSS 0.00759
Exploits 1 · References 5
CNNVD
added 2022/03/21 12:00 a.m. · 3 views

WordPress plugin Advanced Booking Calendar SQL injection vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. WordPress plugin Advanced Booking Calendar version prior to...

CVSS 9.8 · AI score 8.5 · EPSS 0.01821
Exploits 2 · References 3
CNNVD
added 2022/03/21 12:00 a.m. · 18 views

WordPress plugin BookingPress SQL injection vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. WordPress plugin BookingPress 1.0.11 version befor...

CVSS 9.8 · AI score 8.4 · EPSS 0.37171
Exploits 11 · References 3
CNNVD
added 2022/03/21 12:00 a.m. · 20 views

WordPress plugin Infographic Maker SQL injection vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. A SQL injection vulnerability exists in the WordPress plugin...

CVSS 9.8 · AI score 8.5 · EPSS 0.15254
Exploits 2 · References 3
CNNVD
added 2022/03/21 12:00 a.m. · 21 views

WordPress plugin FormCraft code issue vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. A code issue vulnerability previously existed in the WordPres...

CVSS 9.1 · AI score 8.4 · EPSS 0.20774
Exploits 2 · References 2