WordPress Recent Posts Slider Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Recent Posts Slider Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35043 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cce446409bae Credits LEE SE HYOUNG...

WordPress Zephyr Project Manager Plugin <= 3.3.93 is vulnerable to Cross Site Request Forgery (CSRF)

Software Zephyr Project Manager Type Plugin Vulnerable versions = 3.3.93 Fixed in 3.3.94 OWASP Top 10 A6: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-34373 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 598837ada134 Credits...

WordPress MStore API Plugin < 3.9.6 is vulnerable to Broken Access Control

Software MStore API Type Plugin Vulnerable versions 3.9.6 Fixed in 3.9.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID f9c3e8cc268b Credits Unknown Required privilege Subscriber Publish...

WordPress All Bootstrap Blocks Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software All Bootstrap Blocks Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35047 Patch priority Low CVSS severity Low 4.3 Developer AREOI PSID 8b9a52ad65ee Credits LEE SE HYOUNG...

WordPress WP Front User Submit / Front Editor Plugin < 3.8.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Front User Submit / Front Editor Type Plugin Vulnerable versions 3.8.0 Fixed in 3.8.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 8294b3556758 Credits Unknown Requir...

KLA50317 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information, spoof user interface. Below is a complete list of...

WordPress FiboSearch – Ajax Search for WooCommerce Plugin <= 1.23.0 is vulnerable to Cross Site Scripting (XSS)

Software FiboSearch – Ajax Search for WooCommerce Type Plugin Vulnerable versions = 1.23.0 Fixed in 1.24.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2450 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1e16f85faf8c Credi...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0709 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 4e0102594f1d Credits Ramuel Gall...

WordPress WP Mail Catcher Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Mail Catcher Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3080 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 4c3adbc78628 Credits Alex Thomas Required...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.1 is vulnerable to Sensitive Data Exposure

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0691 Patch priority Medium CVSS severity Medium 4.3 Developer Wpmet PSID 747e7584ba0a Credits Ramuel...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.1 is vulnerable to Sensitive Data Exposure

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0693 Patch priority High CVSS severity High 6.5 Developer Wpmet PSID a48d4f77e351 Credits Ramuel Gall...

WordPress Members Plugin <= 3.4.7.3 is vulnerable to Broken Access Control

Software Members Type Plugin Vulnerable versions = 3.4.7.3 Fixed in 3.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2869 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 561a12f2621a Credits Marco Wotschka Required...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.1 is vulnerable to Sensitive Data Exposure

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0692 Patch priority Medium CVSS severity Medium 4.3 Developer Wpmet PSID d33b9b89cda5 Credits Ramuel...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0708 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID d2490fc4db6a Credits Ramuel Gall...

Exploit for Uncontrolled Resource Consumption in Ruoyi

CVE-2023-3163-SQL-Injection-Prevention A simple and quick way...

[SECURITY] Fedora 37 Update: python3.9-3.9.16-2.fc37

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

WordPress B2BKing Plugin <= 4.6.00 is vulnerable to Broken Access Control

Software B2BKing Type Plugin Vulnerable versions = 4.6.00 Fixed in 4.6.20 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3126 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID e0410908e411 Credits Jerome Bruandet Required...

WordPress Activello Theme <= 1.4.0 is vulnerable to Broken Access Control

Software Activello Type Theme Vulnerable versions = 1.4.0 Fixed in 1.4.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2020-36721 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 121a85ec7375 Credits Jerome Bruandet - NinTechNet...

WordPress Directorist Plugin <= 7.5.4 is vulnerable to Privilege Escalation

Software Directorist Type Plugin Vulnerable versions = 7.5.4 Fixed in 7.5.5 OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2023-1888 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3e2d4eebdb38 Credits Alex Thomas Required privilege...

WordPress B2BKing Plugin <= 4.6.00 is vulnerable to Broken Access Control

Software B2BKing Type Plugin Vulnerable versions = 4.6.00 Fixed in 4.6.20 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3125 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 7647d8bb49ff Credits Jerome Bruandet Required privilege...