Navigate FDA 524b to get your medical cyber device to market
With amendment 524b officially enacted, medical devices across the United States and the globe are living under some new rules and procedures. You’re not alone if you are finding these new regulations a bit complex. Changes to business practices – particularly ones that involve millions of...
WordPress Cookie Bar Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)
Software: Cookie Bar; Type: Plugin; Vulnerable versions: <= 2.0; Fixed in: 2.1; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-49836; Patch priority: Low; CVSS severity: Low 5.9; Developer: Claim ownership; PSID: 703ecb793ab1; Credits: Muhammad Daffa; Required privilege: Administrator...
WordPress WP Photo Album Plus Plugin <= 8.5.02.005 is vulnerable to Bypass Vulnerability
Software: WP Photo Album Plus; Type: Plugin; Vulnerable versions: <= 8.5.02.005; Fixed in: 8.6.01.005; OWASP Top 10: A1: Broken Access Control; Classification: Bypass Vulnerability; CVE: CVE-2023-49774; Patch priority: Low; CVSS severity: Low 5.3; Developer: Claim ownership; PSID: 23d1af6fe73e; Credits: Brandon Roldan...
WordPress Fix My Feed RSS Repair Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Fix My Feed RSS Repair; Type: Plugin; Vulnerable versions: <= 1.4; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-49816; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: 5bdeb04c02b0; Credits: Nguyen Xuan Chie...
WordPress Advanced Database Cleaner Plugin <= 3.1.2 is vulnerable to SQL Injection
Software: Advanced Database Cleaner; Type: Plugin; Vulnerable versions: <= 3.1.2; Fixed in: 3.1.3; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2023-49764; Patch priority: Low; CVSS severity: Low 7.6; Developer: Claim ownership; PSID: 18ca57291df6; Credits: Mika; Required privilege: Administrator...
WordPress Bulk Edit Post Titles Plugin <= 5.0.0 is vulnerable to Broken Access Control
Software: Bulk Edit Post Titles; Type: Plugin; Vulnerable versions: <= 5.0.0; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-49754; Patch priority: Medium; CVSS severity: Medium 4.3; Developer: Claim ownership; PSID: cc6753fe92c9; Credits: Nguyen Xuan Chien...
WordPress Backup Migration Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure
Software: Backup Migration; Type: Plugin; Vulnerable versions: <= 1.3.6; Fixed in: 1.3.7; OWASP Top 10: A5: Security Misconfiguration; Classification: Sensitive Data Exposure; CVE: CVE-2023-6266; Patch priority: High; CVSS severity: High 7.5; Developer: Claim ownership; PSID: 7df0ea44f3d7; Credits: Rafshanzani Suhada...
Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails
Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertio...
Transform Your Data Security Posture – Learn from SoFi's DSPM Success
As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive...
WordPress teachPress Plugin <= 9.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software: teachPress; Type: Plugin; Vulnerable versions: <= 9.0.4; Fixed in: 9.0.5; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-48755; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: ef454afbab45; Credits: LVT-tholv2k; Required...
WordPress JetTricks Plugin <= 1.4.6.1 is vulnerable to Broken Access Control
Software: JetTricks; Type: Plugin; Vulnerable versions: <= 1.4.6.1; Fixed in: 1.4.6.2; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-48761; Patch priority: Medium; CVSS severity: Medium 6.3; Developer: Crocoblock; PSID: 889841daf743; Credits: Rafie Muhammad Patchstack...
WordPress The Events Calendar Plugin < 6.2.8.1 is vulnerable to Sensitive Data Exposure
Software: The Events Calendar; Type: Plugin; Vulnerable versions: < 6.2.8.1; Fixed in: 6.2.8.1; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: N/A; Patch priority: Low; CVSS severity: Low 5.3; Developer: Liquid Web / StellarWP; PSID: fb9bc5b80294; Credits: Krzysztof Zając; Require...
WordPress Grab & Save Plugin <= 1.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Grab & Save; Type: Plugin; Vulnerable versions: <= 1.0.4; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-47845; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: 10b2ddc4a429; Credits: Dimas Maulana; Required...
WordPress Contact Form to Any API Plugin <= 1.1.6 is vulnerable to Broken Access Control
Software: Contact Form to Any API; Type: Plugin; Vulnerable versions: <= 1.1.6; Fixed in: 1.1.7; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-47871; Patch priority: Medium; CVSS severity: Medium 4.3; Developer: Claim ownership; PSID: 81c0f0123458; Credits: Arvandy; Require...
WordPress Jetpack Plugin < 12.7 is vulnerable to Clickjacking
Software: Jetpack; Type: Plugin; Vulnerable versions: < 12.7; Fixed in: 12.7; OWASP Top 10: A3: Injection; Classification: Clickjacking; CVE: CVE-2023-47774; Patch priority: Low; CVSS severity: Low 5.4; Developer: Claim ownership; PSID: 18fefcc21cac; Credits: Rafie Muhammad Patchstack; Required privilege: Contributor...
WordPress LuckyWP Scripts Control Plugin <= 1.2.1 is vulnerable to Broken Access Control
Software: LuckyWP Scripts Control; Type: Plugin; Vulnerable versions: <= 1.2.1; Fixed in: 1.2.2; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-47778; Patch priority: Medium; CVSS severity: Medium 4.3; Developer: Claim ownership; PSID: 0397d6dac11d; Credits: Abdi Pranata...
WordPress ElementsKit Pro Plugin <= 3.3.0 is vulnerable to Broken Access Control
Software: ElementsKit Pro; Type: Plugin; Vulnerable versions: <= 3.3.0; Fixed in: 3.6.8; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-39993; Patch priority: Medium; CVSS severity: Medium 4.3; Developer: Claim ownership; PSID: b8963eeda442; Credits: Rafie Muhammad Patchsta...
WordPress Frontend File Manager Plugin < 22.6 is vulnerable to Arbitrary File Download
Software: Frontend File Manager; Type: Plugin; Vulnerable versions: < 22.6; Fixed in: 22.6; OWASP Top 10: A5: Broken Access Control; Classification: Arbitrary File Download; CVE: CVE-2023-5105; Patch priority: Medium; CVSS severity: Medium 9.1; Developer: Claim ownership; PSID: 66e0e4c68ed0; Credits: Dmitrii Ignatyev...
WordPress Additional Order Filters for WooCommerce Plugin <= 1.11 is vulnerable to Cross Site Scripting (XSS)
Software: Additional Order Filters for WooCommerce; Type: Plugin; Vulnerable versions: <= 1.11; Fixed in: 1.12; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-47690; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Claim ownership; PSID: b716b645579a...
PT-2023-9500 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: A vulnerability in the process that classifies traffic going to the Unified Threat Defense (UTD) component could allow an unauthenticated, remote attacker to cause a denial of...