3 matches found
CVE-2023-1406
The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability...
PT-2024-34394 · Teampass · Teampass
Name of the Vulnerable Software and Affected Versions: TeamPass versions prior to 3.1.3.1 Description: The issue allows a user to act with the privileges of a different user id. This is due to the software not properly preventing such actions. Recommendations: For versions prior to 3.1.3.1, updat...
PT-2024-34393 · Teampass · Teampass
Name of the Vulnerable Software and Affected Versions: TeamPass versions prior to 3.1.3.1 Description: The issue arises from the software not properly checking if a mail me also known as action mail operation is performed on behalf of an administrator or manager. This lack of verification can lea...