CVE-2020-37053 Navigate CMS 2.8.7 - ''sidx' SQL Injection

Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to leak database information by manipulating the 'sidx' parameter in comments. Attackers can exploit the vulnerability to extract user activation keys by using time-based blind SQL injection techniques,...

WordPress 4.8.x < 4.8.23 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

PT-2021-15909 · WordPress · Jetpack

Name of the Vulnerable Software and Affected Versions: JetPack WordPress plugin versions prior to 9.8 Description: A security issue was found in the Jetpack Carousel module, which allows users to create image galleries and comment on images. This issue, discovered by nguyenhg vcs, enables the...

Exposure of Resource to Wrong Sphere

The Jetpack Carousel module of the JetPack WordPress plugin allows users to create a carousel type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhgvcs that allowed the comments of non-published page/posts to...