CVE-2024-0708 Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages <= 1.7.2 - Unauthenticated Information Exposure

The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers to access landing pages that may not be public...

CVE-2024-0708

CVE-2024-0708 relates to the WordPress plugin Landing Page Cat (Coming Soon Page, Maintenance Page & Squeeze Pages). Affected versions are

WordPress Landing Page Cat Plugin <= 1.7.2 is vulnerable to Sensitive Data Exposure

Software Landing Page Cat Type Plugin Vulnerable versions = 1.7.2 Fixed in 1.7.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0708 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9cdc23335541 Credits Nathaniel Oh 0x4n3 Requir...

WordPress Plugin Landing Page Cat Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages < 1.7.3 - Unauthenticated Information Exposure

Description The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers to access landing pages that may not be publ...

Warzone RAT infrastructure seized

On February 9, 2024, the Justice Department announced that an international operation had seized internet domains that were selling information-stealing malware. Federal authorities in Boston seized www.warzone.ws and three related domains, which sold the Warzone RAT malware. The Warzone RAT...

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign

Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today...

canal10.cat Cross Site Scripting vulnerability OBB-3824236

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cat-carrelage.com Improper Access Control vulnerability OBB-3795281

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-48087

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...

CVE-2023-48087

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...

CVE-2023-47545

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...

CVE-2023-47545

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...

CVE-2023-47545

CVE-2023-47545 affects Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress, versions = 2.5.5 recommended.

CVE-2023-47545 WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS)

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...

WordPress Plugin Forms for Mailchimp by Optin Cat - Grow Your MailChimp List Security Breach

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin Forms for Mailchimp by Optin Cat - Grow...

WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS)

Software Forms for Mailchimp by Optin Cat Type Plugin Vulnerable versions = 2.5.4 Fixed in 2.5.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47545 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 6854d5e5d188 Credits DoYeon Park...

CVE-2023-5098

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges like subscribers from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS...

Design/Logic Flaw

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges like subscribers from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS...

CVE-2023-5098

CVE-2023-5098: Campaign Monitor Forms by Optin Cat for WordPress (pre-2.5.6) allows a Subscriber+ level attacker to overwrite arbitrary WordPress options by calling an AJAX action (fca_eoi_dismiss) with the value true, enabling a denial-of-service style attack. Root cause is broken access control...