147 matches found
WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Privilege Escalation
Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-4351 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID fc3d215c9303 Credits villu164...
WordPress XStore Core Plugin <= 5.3.8 is vulnerable to Privilege Escalation
Software XStore Core Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-33552 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID d1199dede4c1 Credits Rafie...
WordPress Frontend Admin by DynamiApps Plugin <= 3.19.4 is vulnerable to Privilege Escalation
Software Frontend Admin by DynamiApps Type Plugin Vulnerable versions = 3.19.4 Fixed in 3.19.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-3729 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4ebfbce29f56...
WordPress MasterStudy LMS Plugin <= 3.3.1 is vulnerable to Privilege Escalation
Software MasterStudy LMS Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-2409 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 8dbe36bee6fd Credits Hiroho...
WordPress JobSearch Plugin < 2.3.4 is vulnerable to Broken Authentication
Software JobSearch Type Plugin Vulnerable versions 2.3.4 Fixed in 2.3.4 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2023-6584 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID f4a18b4236e5 Credits Marc Montpas...
Route-Detect - Find Authentication (Authn) And Authorization (Authz) Security Bugs In Web Application Routes
Find authentication authn and authorization authz security bugs in web application routes: Web application HTTP route authn and authz bugs are some of the most common security issues found today. These industry standard resources highlight the severity of the issue: 2021 OWASP Top 10 1 - Broken...
WordPress InstaWP Connect Plugin <= 0.1.0.8 is vulnerable to Privilege Escalation
Software InstaWP Connect Type Plugin Vulnerable versions = 0.1.0.8 Fixed in 0.1.0.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-22145 Patch priority High CVSS severity High 8.8 Developer InstaWP PSID f661e38694ec Credits Majed Refae...
WordPress Checkout Mestres WP Plugin <= 7.1.9.7 is vulnerable to Privilege Escalation
Software Checkout Mestres WP Type Plugin Vulnerable versions = 7.1.9.7 Fixed in 7.1.9.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-51472 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 9fb8ab95cc18 Credits...
WordPress JetEngine Plugin <= 3.2.4 is vulnerable to Privilege Escalation
Software JetEngine Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-48757 Patch priority Medium CVSS severity Medium 8.8 Developer Crocoblock PSID 629276ed62fc Credits Rafie Muhammad...
glib2 security and bug fix update
2.68.4-11 - Really fix authentication failures when sd-bus clients connect to GDBus servers - Resolves: 2217771 2.68.4-10 - Fix authentication failures when sd-bus clients connect to GDBus servers - Resolves: 2217771 2.68.4-9 - Resolve s390x crashes introduced by fixes for...
WordPress WP User Frontend Plugin <= 3.6.5 is vulnerable to Privilege Escalation
Software WP User Frontend Type Plugin Vulnerable versions = 3.6.5 Fixed in 3.6.6 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-47682 Patch priority High CVSS severity High 7.2 Developer Claim ownership PSID 55cf1b7c7f7f Credits Rafie...
WordPress Simple Membership Plugin <= 4.3.4 is vulnerable to Privilege Escalation
Software Simple Membership Type Plugin Vulnerable versions = 4.3.4 Fixed in 4.3.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41957 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 1bb17eda4daa Credits Rafie...
WordPress MasterStudy LMS Plugin < 3.0.18 is vulnerable to Privilege Escalation
Software MasterStudy LMS Type Plugin Vulnerable versions 3.0.18 Fixed in 3.0.18 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-4278 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 7e43b36b9353 Credits Revan...
WordPress JupiterX Core Plugin <= 3.3.8 is vulnerable to Privilege Escalation
Software JupiterX Core Type Plugin Vulnerable versions = 3.3.8 Fixed in 3.4.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-38389 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID bb67776164d1 Credits Rafie...
WordPress Stripe Payment Gateway for WooCommerce Plugin <= 3.7.7 is vulnerable to Privilege Escalation
Software Stripe Payment Gateway for WooCommerce Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-3162 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID...
WordPress Shop as a Customer for WooCommerce Plugin < 1.1.8 is vulnerable to Privilege Escalation
Software Shop as a Customer for WooCommerce Type Plugin Vulnerable versions 1.1.8 Fixed in 1.1.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE N/A Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 05b83bfeee18 Credits...
WordPress Shop as a Customer for WooCommerce Plugin < 1.2.4 is vulnerable to Privilege Escalation
Software Shop as a Customer for WooCommerce Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE N/A Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 10934473fa31 Credi...
WordPress JetFormBuilder Plugin <= 3.0.8 is vulnerable to Privilege Escalation
Software JetFormBuilder Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37866 Patch priority Medium CVSS severity Medium 7.2 Developer Crocoblock PSID bb75400351be Credits Rafie...
WordPress Booking Package Plugin <= 1.5.98 is vulnerable to Privilege Escalation
Software Booking Package Type Plugin Vulnerable versions = 1.5.98 Fixed in 1.5.99 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37389 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 0ff1d9e379c0 Credits Rafie...
SUSE CVE-2005-2531
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...