22 matches found
EUVD-2024-33303
Malicious code in bioql PyPI...
CVE-2024-5006
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2024-10794
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10794
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10794 Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10794
CVE-2024-10794 concerns the Boostify Header Footer Builder for Elementor WordPress plugin (affected versions
CVE-2024-10794 Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
WordPress plugin Boostify Header Footer Builder for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WordPress Boostify Header Footer Builder for Elementor Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure
Software Boostify Header Footer Builder for Elementor Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-10794 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8590719f26b7 Credits...
PT-2024-16553 · WordPress · Boostify Header Footer Builder
Name of the Vulnerable Software and Affected Versions: Boostify Header Footer Builder for Elementor plugin for WordPress versions up to, and including, 1.3.6 Description: The issue is related to Information Exposure, where authenticated attackers with Contributor-level access and above can extrac...
WordPress Boostify Header Footer Builder for Elementor plugin Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Boostify...
CVE-2024-4788
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createbhfpost function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with...
CVE-2024-4788
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createbhfpost function in all versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with...
CVE-2024-4788
Technical details such as affected software versions, root cause, exploitability, and fixes are not provided in the supplied documents. Monitor official advisories and CVE updates for concrete, technical information.
WordPress Boostify Header Footer Builder for Elementor plugin <= 1.3.5 - Missing Authorization to Page/Post Creation vulnerability
Missing Authorization to Page/Post Creation vulnerability discovered by Lucio Sá in WordPress Plugin Boostify Header Footer Builder for Elementor versions = 1.3.5...
CVE-2024-5006
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2024-5006 Boostify Header Footer Builder for Elementor <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via size Parameter
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
WordPress Boostify Header Footer Builder for Elementor Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Boostify Header Footer Builder for Elementor Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5006 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b780e83010be...
PT-2024-32870 · WordPress · Boostify Header Footer Builder
Name of the Vulnerable Software and Affected Versions: Boostify Header Footer Builder for Elementor plugin for WordPress versions up to, and including, 1.3.3 Description: The issue is related to unauthorized modification of data due to a missing capability check on the create bhf post function...
WordPress Boostify Header Footer Builder for Elementor Plugin <= 1.3.5 is vulnerable to Broken Access Control
Software Boostify Header Footer Builder for Elementor Type Plugin Vulnerable versions = 1.3.5 Fixed in 1.3.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4788 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c1f45fa202fb Credits...