106 matches found
CVE-2024-22141 WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0...
PT-2024-19228 · Cozmoslabs · Profile Builder
Name of the Vulnerable Software and Affected Versions: Profile Builder Pro versions 3.10.0 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a vulnerability in Cozmoslabs Profile Builder Pro. Recommendations: For versions 3.10...
WordPress plugin Profile Builder Pro Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
CVE-2024-22142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...
CVE-2024-22142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...
CVE-2024-22142
CVE-2024-22142 is a cross-site scripting (Reflected XSS) vulnerability in Cozmoslabs Profile Builder Pro (versions
CVE-2024-22142 WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...
CVE-2024-22142 WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...
PT-2024-19229 · Cozmoslabs · Profile Builder
Name of the Vulnerable Software and Affected Versions: Cozmoslabs Profile Builder Pro versions 3.10.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...
WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22142 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 458e79568c87 Credits Dave Jong Patchstack...
WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure
Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-22141 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d6301bb29b09 Credits Dave Jong...
WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-22140 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 81245bbcdd5e Credits Dave Jong...
Intel® Quartus® Advisory
This advisory contains CVEs in Altera products and has been transferred to Altera for support. The updated advisory can be found at the link below: https://www.altera.com/product-security/advisory-archive/intel-sa-00632.html...
CVE-2022-21205
Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...
CVE-2022-21205
Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...
Xxe
Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...
CVE-2022-21205
Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...
Profile Builder & Profile Builder Pro < 3.3.3 - Authenticated Blind SQL Injection
The orderby parameter of the wp-admin/users.php?page=unconfirmedemails=email=asc page, which is available when the "Email confirmation" setting of the plugin is activated default is off, is not properly sanitised and validated before being concatenated in a SQL statement, leading to an SQL...
WordPress Profile Builder Pro premium plugin <= 3.3.2 - Authenticated Blind SQL Injection (SQLi) vulnerability
Authenticated Blind SQL Injection SQLi vulnerability found by Lenon Leite in WordPress Profile Builder Pro premium plugin versions = 3.3.2. Solution Update the WordPress Profile Builder Pro premium plugin to the latest available version at least 3.3.3...