266 matches found
CVE-2021-25090
The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allow...
CVE-2025-40619
Bookgy suffers an improper access control vulnerability that could permit unauthenticated users to reach private or role-specific areas. The issue is described as insufficient authorization across multiple areas of the application, with a high impact on confidentiality (and a high impact on integ...
Debian dla-4043 : openjdk-17-dbg - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4043 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4043-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DSA 5857-1] openjdk-17 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5857-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 03, 2025 https://www.debian.org/security/faq -...
Debian dsa-5785 : mediawiki - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5785 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5785-1 [email protected] https://www.debian.org/security/ Moritz...
CVE-2024-1747
The WooCommerce Customers Manager WordPress plugin before 30.2 does not have authorisation and CSRF in various AJAX actions, allowing any authenticated users, such as subscriber, to call them and update/delete/create customer metadata, also leading to Stored Cross-Site Scripting due to the lack o...
CVE-2024-1747
CVE-2024-1747 concerns the WooCommerce Customers Manager WordPress plugin. Multiple sources (NVD/Red Hat/CVE records) describe that products before version 30.2 suffer from missing authorization checks and CSRF protections in various AJAX actions, allowing authenticated users (e.g., subscribers) ...
CVE-2023-7268 ArtPlacer Widget < 2.21.2 - Subscriber+ Arbitrary Widget Deletion
The ArtPlacer Widget WordPress plugin before 2.21.2 does not have authorisation check in place when deleting widgets, allowing any authenticated users, such as subscriber, to delete arbitrary widgets...
CVE-2024-5570
CVE-2024-5570 affects the Simple Photoswipe WordPress plugin (version
CVE-2024-1756 WooCommerce Customers Manager < 29.8 - Subscriber+ Email Disclosure
The WooCommerce Customers Manager WordPress plugin before 29.8 does not have authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber, to call it and retrieve the list of customer email addresses along with their id, first name and last name...
CVE-2024-0780
CVE-2024-0780 affects the WordPress plugin Enjoy Social Feed (versions up to 6.2.2). The underlying issue is Broken Access Control: the database reset function lacks authorization, allowing any authenticated user (e.g., Subscribers) to reset the plugin’s database. Reported CVSS v3.1 base metr...
CVE-2023-7202
The Fatal Error Notify WordPress plugin before 1.5.3 does not have authorisation and CSRF checks in its testerror AJAX action, allowing any authenticated users, such as subscriber, to call it and spam the admin email address with error messages. The issue is also exploitable via CSRF...
Ski & bike helmets protect your head, not location or voice
TL;DR Livall smart ski and bike helmet app leaks the wearers real time position Group audio chat allows snooping on conversations Both issues are due to missing authorisation Bike app affects 1 million users, ski app affects a few thousand users Fixed by the vendor, but after we had to call on a...
12 Step Meeting List < 3.14.29 - Subscriber+ CSV Download
Description The plugin does not have authorisation in its csv AJAX action, allowing any authenticated users, such as a subscriber, to export meetings and gain access to sensitive information...
CVE-2023-6384
The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar...
CVE-2023-6384 WP User Profile Avatar < 1.0.1 - Author+ Avatar Deletion/Update via IDOR
The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar...
CVE-2023-6384
CVE-2023-6384 affects the WP User Profile Avatar WordPress plugin, vulnerable in versions before 1.0.1. The issue is an authorization/IDOR flaw that lets authors delete or update arbitrary avatars due to improper access checks. Impact is limited to avatar management (not full site compromise) as ...
Exploit for Improper Input Validation in Kubernetes Ingress-Nginx
CVE-2023-5044 Ingress Nginx Exploit Proof-Of-Concept This is...
CVE-2024-0238
The EventON Premium WordPress plugin before 4.5.6 and the EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and do not ensure that the post to be updated belongs to the plugin, allowing unauthenticated users to update arbitrary post metadata...