2674 matches found
highlight.io 安全漏洞
highlight.io is open source full stack monitoring platform. Error monitoring, session replay, logging and more. A security vulnerability exists in highlight.io versions prior to 6.0.0 that stems from unintentionally logging password values when using the Show Password button...
WordPress Button Generator – easily Button Builder Plugin <= 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software Button Generator – easily Button Builder Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25443 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ad530edff5de...
CVE-2023-25481
Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...
CVE-2023-25481
Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...
CVE-2023-25481 WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...
PT-2023-20100 · Podlove · Podlove Subscribe Button Plugin
Name of the Vulnerable Software and Affected Versions: Podlove Podlove Subscribe button plugin versions 1.3.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
CVE-2023-33254
There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an...
PT-2023-24248 · Quest · Kace Systems Deployment/Remote Site Appliances
Name of the Vulnerable Software and Affected Versions: KACE Systems Deployment and Remote Site appliances version 9.0.146 Description: There is an LDAP bind credentials exposure. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an...
CVE-2023-23867
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...
CVE-2023-23867
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...
CVE-2023-23867
CVE-2023-23867: WordPress Button Builder – Buttons X plugin
CVE-2023-23867 WordPress Button Builder – Buttons X Plugin <= 0.8.6 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...
WordPress Plugin Button Builder – Buttons X 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Plugin Button Builder – Buttons X 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS)
Software Button Type Plugin Vulnerable versions = 1.1.23 Fixed in 1.1.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23871 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 53d7594604e4 Credits yuyudhn Required privilege...
xorg-x11-server: XIPassiveUngrab out-of-bounds access
A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code...
xorg-x11-server: XIPassiveUngrab out-of-bounds access
A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +115 more potentially affected by CVE-2023-31047 via django (>=3.2.0 <=3.2.18)
django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.1.26, =0.1.27 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...
CVE-2023-25783
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Moss FireCask Like & Share Button plugin = 1.1.5 versions...