10517 matches found
CVE-2024-1584 Analytify <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification
The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...
CVE-2024-1584
CVE-2024-1584 affects Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy). The issue is a missing capability check in wpa_check_authentication across all versions up to 5.2.1, enabling unauthorized modification of the site’s Google Analytics tracking ID by unauthenticat...
CVE-2024-3520 Country State City Dropdown CF7 <= 2.7.1 - Missing Authorization
The Country State City Dropdown CF7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tccscapatchsettings function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with subscriber access...
CVE-2024-3520
The Country State City Dropdown CF7 WordPress plugin has a root-cause issue: a missing capability check in tc_csca_patch_settings leading to unauthorized data modification. Affected versions are all up to 2.7.1; authenticated users with subscriber rights and above can add states/cities to the dro...
WordPress plugin Ivory Search 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Admin Bar Remover 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress plugin Tutor LMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
The vulnerability of the Hotspot component in Oracle Java SE software, as well as in Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines, allows attackers to modify, add, or delete data.
The vulnerability of the Hotspot component of the Oracle Java SE software platform, as well as of the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to...
The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows a perpetrator to gain unauthorized access to protected information and to modify, add, or delete data.
The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application relates to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information and to modify, ad...
WordPress plugin Post Grid 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin ShopLentor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin Analytify 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-24511 · WordPress · The Ivory Search
Name of the Vulnerable Software and Affected Versions: The Ivory Search – WordPress Search Plugin versions up to, and including, 5.5.5 Description: The issue allows authenticated attackers with subscriber-level access and above to modify data without authorization due to a missing capability chec...
WordPress plugin WP Datepicker 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-28487 · WordPress · Masterstudy Lms Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress versions up to, and including, 3.3.8 Description: The issue allows authenticated attackers with subscriber level permissions and above to access,...
WordPress plugin Print Labels with Barcodes 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin 2Checkout Payment Gateway for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
mysql: Server: DDL unspecified vulnerability (CPU Jan 2024)
Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server as well a...
mysql: Server: DDL unspecified vulnerability (CPU Apr 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
mysql: Server: DML unspecified vulnerability (CPU Apr 2024)
A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...