PT-2024-20543 · Unknown · Casaos-Userservice

Name of the Vulnerable Software and Affected Versions: CasaOS-UserService versions prior to 0.4.7 Description: The issue concerns a path traversal vulnerability in the UserService API, which allows an unauthorized actor to access any file on the system due to insufficient path filtering for user...

GHSA-XCVV-84J5-JW9H Prototype Pollution in assign-deep

Versions of assign-deep before 0.4.7 are vulnerable to prototype pollution via merging functions. Recommendation Update to version 0.4.7 or later...

WordPress Crony Cronjob Manager Plugin Cross-Site Request Forgery Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site.Crony Cronjob Manager plugin is one of the plug-ins used to create and manage Cronjobs. A cross-site request...