WordPress AutoSave Net plugin <= 1.3.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress AutoSave Net plugin versions = 1.3.4. Solution No patched version available...

WordPress Multifox Plus plugin < 1.1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Multifox Plus plugin versions 1.1.1. Solution Update the WordPress Multifox Plus plugin to the latest available version at least 1.1.1...

WordPress Compare Affiliated Products plugin <= 2.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Compare Affiliated Products plugin versions = 2.2.0. Solution No patched version available...

WordPress Goon – Speed Up Your WordPress Site plugin <= 1.2.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Goon – Speed Up Your WordPress Site plugin versions = 1.2.4. Solution Update the WordPress Goon – Speed Up Your WordPress Site plugin to the latest available version at least 1.2.6...

WordPress Food Recipes plugin <= 2.1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Food Recipes plugin versions = 2.1.1. Solution Update the WordPress Food Recipes plugin to the latest available version at least 2.1.2...

WordPress Out of stock display for woocommerce plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Out of stock display for woocommerce plugin versions = 1.0.1. Solution No patched version available...

WordPress Footer Plugin for Divi plugin <= 3.3.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Footer Plugin for Divi plugin versions = 3.3.5. Solution No patched version available...

WordPress The Events Calendar plugin < 5.14.0.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress The Events Calendar plugin versions 5.14.0.4. Solution Update the WordPress The Events Calendar plugin to the latest available version at least 5.14.0.4...

WordPress Payment Gateway for PayFabric plugin <= 1.0.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Payment Gateway for PayFabric plugin versions = 1.0.5. Solution Update the WordPress Payment Gateway for PayFabric plugin to the latest available version at least 1.0.12...

WordPress WP Post Block plugin <= 1.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP Post Block plugin versions = 1.0.2. Solution No patched version available...

WordPress WordPress Gallery Plugin – Edge Photo Gallery plugin <= 2.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WordPress Gallery Plugin – Edge Photo Gallery plugin versions = 2.0.2. Solution No patched version available...

WordPress Past Events Extension plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Past Events Extension plugin versions = 1.0.1. Solution No patched version available...

Information Disclosure

microweber is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization in the Handler.php file allow to view sensitive information in debug mode...

Insertion of Sensitive Information Into Debugging Code

Description Laravel debug mode exposes sensitive data, eg: internal source codes, stack traces, sql queries, databases names, tables names, user's cookies, email, phone number, username, laravel version, php version, etc Proof of Concept 1. Login into http://demo.microweber.org 2. Navigate to thi...

CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

DEBIAN-CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...