39 matches found
quark-auto-save 安全漏洞
Quark-auto-save is a personal development tool created by Cp0204, designed for automatic transfer of data to Quark Cloud Storage and management of sign-ins. Versions of quark-auto-save prior to 0.8.5 contained security vulnerabilities. These vulnerabilities stemmed from a batch assignment...
CVE-2023-40671
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
EUVD-2023-45227
Malicious code in bioql PyPI...
CVE-2025-7843
The Auto Save Remote Images Drafts plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.9 via the fetchimages function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to...
WordPress plugin Auto Save Remote Images (Drafts) 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress Auto Save Remote Images (Drafts) plugin <= 1.0.9 - Authenticated (Contributor+) Server-Side Request Forgery vulnerability
Authenticated Contributor+ Server-Side Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Save Remote Images Drafts versions = 1.0.9...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
January 28, 2025—KB5050094 (OS Build 26100.3037) Preview
January 28, 2025—KB5050094 OS Build 26100.3037 Preview or information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 24H2, see its update history page. Note Follow @WindowsUpdate to...
WordPress QQWorld Auto Save Images plugin <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval vulnerability
Missing Authorization to Arbitrary Post Content Retrieval vulnerability discovered by Francesco Carlucci in WordPress Plugin QQWorld Auto Save Images versions = 1.9.8...
WordPress QQWorld Auto Save Images Plugin <= 1.9.8 is vulnerable to Broken Access Control
Software QQWorld Auto Save Images Type Plugin Vulnerable versions = 1.9.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1324 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 67a28d48882a Credits Francesco Carlucci...
CVE-2024-1324 QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval
The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the saveremoteimagesgetautosavedresults function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated...
QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval
Description The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the saveremoteimagesgetautosavedresults function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for...
CVE-2023-40671
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
CVE-2023-40671
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in ??wp DX-auto-save-images plugin = 1.4.0 versions...
CVE-2023-40671
CVE-2023-40671 concerns the WordPress plugin DX-auto-save-images (vulnerable
CVE-2023-40671 WordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
CVE-2023-40671 WordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
PT-2023-27591 · 大侠Wp · Dx-Auto-Save-Images
Name of the Vulnerable Software and Affected Versions: 大侠wp DX-auto-save-images plugin versions 1.4.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...
WordPress Plugin dx-auto-save-images Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...