WordPress import-users-from-csv-with-meta plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A cross-site request forgery vulnerability exists in WordPres...

CVE-2019-15127

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

Cross site scripting

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

CVE-2019-15127

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

CVE-2019-15127

CVE-2019-15127 affects REDCap prior to 9.3.0. The issue is an XSS vulnerability on the Data Import Tool page, exploitable by a CSV data import file and affecting non-administrator accounts. The description in public records does not specify the underlying root cause or CVE exploit vectors beyond ...

PEpper - An Open Source Script To Perform Malware Static Analysis On Portable Executable

An open source tool to perform malware static analysis on P ortable E xecutable Installation eva@paradise:$ git clone https://github.com/Th3Hurrican3/PEpper/ eva@paradise:$ cd PEpper eva@paradise:$ pip3 install -r requirements.txt eva@paradise:$ python3 pepper.py ./malwaredir Screenshot...

August 17, 2019—KB4512478 (Preview of Monthly Rollup)

August 17, 2019—KB4512478 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4512488 released August 13, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...

August 17, 2019—KB4512512 (Preview of Monthly Rollup)

August 17, 2019—KB4512512 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4512518 released August 13, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...

June 20, 2019—KB4503283 (Preview of Monthly Rollup)

June 20, 2019—KB4503283 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4503276 released June 11, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issu...

WordPress wp-ultimate-csv-importer plugin cross-site request forgery vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. wp-ultimate-csv-importer plugin is used in which a CSV file import/export plugin. A cross-site request forgery vulnerabili...

CVE-2019-14800

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI...

Format string

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI...

CVE-2019-14800

The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI...

CVE-2019-14800

The CVE-2019-14800 issue affects the WordPress plugin FV Flowplayer Video Player prior to 7.3.15.727. It enables guests to exfiltrate the email subscription list in CSV format via wp-admin/admin-post.php?page=fvplayer&fv-email-export=1. The vulnerability is an information disclosure with partial ...

CVE-2018-20967

The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF...

Cross site request forgery (csrf)

The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF...

CVE-2018-20967

The CVE-2018-20967 issue affects the WordPress plugin wp-ultimate-csv-importer prior to version 5.6.1, which is vulnerable to CSRF. Multiple sources (NVD, Red Hat, CNVD, OpenVAS, WPVulnDB, PT-2019-10403) confirm the affected software and the vulnerability class, with remediation guidance consiste...

CVE-2018-20967

The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF...

WordPress wp-ultimate-csv-importer plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. wp-ultimate-csv-importer plugin is used in which a CSV file import/export plugin. A cross-site scripting vulnerability...

August 13, 2019—KB4511553 (OS Build 17763.678)

August 13, 2019—KB4511553 OS Build 17763.678 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when you...