WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Broken Access Control

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.3 Fixed in 7.6.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45760 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID b4dc1c4ebd9c Credits RE-ALTER Required privilege...

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5534 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dd9ca26e2bc4 Credits Marco Wotschka Required...

WordPress Email Subscribers & Newsletters Plugin <= 5.6.23 is vulnerable to Path Traversal

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.6.23 Fixed in 5.6.24 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2023-5414 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID a55da7ad2e82 Credits Marco Wotschka Required privile...

WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software CPT Shortcode Generator Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45644 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8bfa1d036efa Credits Lokesh Dachepalli...

WordPress Eupago Gateway For Woocommerce Plugin <= 3.1.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software Eupago Gateway For Woocommerce Type Plugin Vulnerable versions = 3.1.9 Fixed in 3.1.10 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45638 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 84bb9fde48fb Credits...

WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Nexter Extension Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45750 Patch priority Medium CVSS severity Medium 7.1 Developer POSIMYTH Innovations PSID ad2209719d8d Credits Rafie...

WordPress Get Custom Field Values Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Get Custom Field Values Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45604 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8b0df9061359 Credits Satoo Nakano Required privilege...

CVE-2023-36720

Windows Mixed Reality Developer Tools Denial of Service Vulnerability...

CVE-2023-36720

Windows Mixed Reality Developer Tools Denial of Service Vulnerability...

Denial of service

Windows Mixed Reality Developer Tools Denial of Service Vulnerability...

CVE-2023-36720

CVE-2023-36720 is a DoS vulnerability in Windows Mixed Reality Developer Tools with a CVSS v3.1 base score of 7.5 (HIGH). It requires network access, has no user interaction, and does not require privileges, with the impact limited to availability (I/N; A=HIGH). The available sources identify the...

CVE-2023-36720 Windows Mixed Reality Developer Tools Denial of Service Vulnerability

...

CVE-2023-36720 Windows Mixed Reality Developer Tools Denial of Service Vulnerability

...

Windows Mixed Reality Developer Tools Denial of Service Vulnerability

...

Microsoft Windows Mixed Reality Developer Tools Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Mixed Reality Developer Tools. An attacker has exploited the vulnerability to cause a denial of service on the...

PT-2023-6068 · Microsoft · Windows Mixed Reality Developer Tools +1

Name of the Vulnerable Software and Affected Versions: Windows Mixed Reality Developer Tools affected versions not specified Description: The issue is related to incorrect resource cleanup, which can be exploited by a remote attacker to cause a denial of service. Recommendations: At the moment,...

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party could exploit the vulnerabilities to cause a denial-of-service attack. Of the vulnerabilities with reference CVE-2023-44487, Microsoft has information that they are being exploited to a limited extent. HTTP/2:...

KLA61353 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in HTTP/2 protocol can be exploited remotely to cause...

WordPress User Submitted Posts Plugin <= 20230902 is vulnerable to Arbitrary File Upload

Software User Submitted Posts Type Plugin Vulnerable versions = 20230902 Fixed in 20230914 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-45603 Patch priority High CVSS severity High 9 Developer Claim ownership PSID b7d676bf7c95 Credits Rafie Muhammad Patchstack...

WordPress WordPress Popular Posts Plugin <= 6.3.2 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Popular Posts Type Plugin Vulnerable versions = 6.3.2 Fixed in 6.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45607 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e1c445e00e39 Credits Rafie Muhammad Patchstack...