CVE-2024-55992

Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers woocommerce-basic-ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Basic Ordernumbers: from n/a through = 1.4.4...

CVE-2024-55992

CVE-2024-55992 corresponds to a Missing Authorization issue in the WooCommerce Basic Ordernumbers plugin. Connected sources confirm the affected software is WooCommerce Basic Ordernumbers, with vulnerable version range up to 1.4.4, and indicate the patch status as Unpatched in at least one report...

CVE-2024-55992 WordPress WooCommerce Basic Ordernumbers plugin <= 1.4.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers woocommerce-basic-ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Basic Ordernumbers: from n/a through = 1.4.4...

CVE-2024-55992 WordPress WooCommerce Basic Ordernumbers plugin <= 1.4.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers woocommerce-basic-ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Basic Ordernumbers: from n/a through = 1.4.4...

WordPress plugin WooCommerce Basic Ordernumbers 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

The vulnerability of the application software interface “basic_htm” of the microprogramming devices used in multifunctional wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the application software interface “basichtm” of the microprogramming devices used in multifunctional wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO exists due to the lack of measures taken to neutralize the special elements used...

WordPress WooCommerce Basic Ordernumbers plugin <= 1.4.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WooCommerce Basic Ordernumbers versions = 1.4.4...

CVE-2024-54223

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Contact Form - Repute InfoSystems ARForms Form Builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through 1.7.1...

CVE-2023-47869

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in gVectors Team wpForo Forum allows Code Injection.This issue affects wpForo Forum: from n/a through 2.2.5...

Malicious code in basic-preset-minting (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33b65f9b8e24a04584f5798fc805e84fb63d5891a9b9db633e13c05d4db2feb7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-50368

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to circumvent existing security restrictions.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to circumvent existing security restrictions remotely...

Multiple vulnerabilities in Edgecross Basic Software for Windows

Overview Edgecross Basic Software for Windows provided by Edgecross Consortium contains multiple vulnerabilities listed below. Incorrect default permissions CWE-276 - CVE-2024-4229 External control of file name or path CWE-73 - CVE-2024-4230 Edgecross Consortium reported these vulnerabilities to...

Edgecross Basic Software 安全漏洞

Edgecross Basic Software is a software platform used in the Edge Computing space from Edgecross, Inc. that provides a variety of features to support data utilization and processing. A security vulnerability exists in Edgecross Basic Software ECP-BS1-W-D 1.00 and earlier versions, which originates...

Edgecross Basic Software 安全漏洞

Edgecross Basic Software is a software platform used in the Edge Computing space from Edgecross, Inc. that provides a variety of features to support data utilization and processing. A security vulnerability exists in Edgecross Basic Software ECP-BS1-W 1.00 and prior versions, which stems from...

CVE-2024-51937

CVE-2024-51937: WordPress WordPress plugin IA Map Analytics Basic (affected versions up to 20170413) is reported to have a DOM-based cross-site scripting (XSS) vulnerability due to improper input neutralization during page generation. The entry specifies Cross-site Scripting as the vulnerability ...

CVE-2024-51937 WordPress IA Map Analytics Basic plugin <= 20170413 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bnisia IA Map Analytics Basic ia-map-analytics-basic allows DOM-Based XSS.This issue affects IA Map Analytics Basic: from n/a through = 20170413...

WordPress plugin IA Map Analytics Basic 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

The vulnerabilities of the OPC UA server software of the SIMATIC Energy Manager Basic and SIMATIC Energy Manager PRO systems, as well as the SIMATIC IPC DiagBase micro-programming device, and the SIMIT simulation modeling software, allow a malicious actor to trigger maintenance failures.

The vulnerability of the OPC UA server of the SIMATIC Energy Manager Basic and SIMATIC Energy Manager PRO systems, as well as the SIMATIC IPC DiagBase micro-programming device, and the SIMIT simulation software, is related to improper management of sequential memory distribution. Exploiting this...

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...