EUVD-2017-11583

Malware in sbrugna...

CVE-2023-1868 YourChannel <= 1.2.3 - Missing Authorization to Plugin Cache Reset

The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when clearing the plugin cache via the yrcclearcache GET parameter in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to clear the plugin's...

CVE-2021-26833

Cleartext Storage in a File or on Disk in TimelyBills = 1.7.0 for iOS and versions = 1.21.115 for Android allows attacker who can locally read user's files obtain JWT tokens for user's account due to insufficient cache clearing mechanisms. A threat actor can obtain sensitive user data by decoding...