928 matches found

Tenable Nessus
added 2024/01/16 12:0 a.m., 29 views

EulerOS 2.0 SP10 : mutt (EulerOS-SA-2023-3187)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 1.5.2 1...

6.5 CVSS, 5.7 AI score, 0.00091 EPSS
Exploits 0, References 3

Tenable Nessus
added 2024/01/16 12:0 a.m., 12 views

EulerOS 2.0 SP11 : mutt (EulerOS-SA-2023-3252)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 1.5.2 1...

6.5 CVSS, 5.7 AI score, 0.00091 EPSS
Exploits 0, References 3

CNNVD
added 2024/01/16 12:0 a.m., 2 views

WordPress plugin Royal Elementor Addons and Templates security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...

7.5 CVSS, 6.8 AI score, 0.01051 EPSS
Exploits 2, References 2

WPVulnDB
added 2024/01/12 12:0 a.m., 19 views

The Events Calendar < 6.2.9 - Unauthenticated Sensitive Information Exposure

Description The plugin is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wp_ajax_nopriv_tribe_dropdown. This makes it possible for unauthenticated attackers to extract potentially sensitive data including post titles and I...

5.3 CVSS, 6.4 AI score, 0.00693 EPSS
Exploits 0, References 1, Affected Software 1

OSV
added 2024/01/11 9:15 a.m., 2 views

CVE-2023-6582

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekitwidgetareacontent function. This makes it possible for unauthenticated attackers to obtain contents of posts in draft, private or pending...

5.3 CVSS, 5.8 AI score
Exploits 0, References 4

wpexploit
added 2024/01/08 12:0 a.m., 153 views

PageLayer < 1.8.0 - Author+ Stored XSS

Description The plugin doesn't prevent attackers with administrator privileges from inserting malicious JavaScript inside a post's header or footer code, even when unfiltered_html is disallowed, such as in multi-site WordPress configurations. - As a user with Author+ capabilities, create a new pos...

4.8 CVSS, 6.7 AI score, 0.00126 EPSS
Exploits 2

WPVulnDB
added 2024/01/04 12:0 a.m., 9 views

Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure

Description The plugin allows any unauthenticated user to read draft and private posts via a crafted request PoC https://example.com/?poststatus=draft https://example.com/?poststatus=private...

5.3 CVSS, 6.4 AI score, 0.00438 EPSS
Exploits 2, References 1, Affected Software 1

OSV
added 2023/12/18 8:15 p.m., 2 views

CVE-2023-6077

The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protect...

6.5 CVSS, 5.9 AI score, 0.00261 EPSS
Exploits 2, References 1

CNNVD
added 2023/12/14 12:0 a.m., 1 views

Emlog security vulnerability

emlog is a PHP and MySQL based CMS builder. Emlog Pro v2.1.14 version of a cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the component /admin/article.php?activesavedraft, which can be exploited by an attacker...

6.1 CVSS, 6.2 AI score, 0.00216 EPSS
Exploits 1, References 2

wpexploit
added 2023/12/06 12:0 a.m., 140 views

Royal Elementor Addons and Templates < 1.3.81 - Unauthenticated Arbitrary Post Read

Description The plugin does not ensure that users accessing posts via an AJAX action and REST endpoint, currently disabled in the plugin have the right to do so, allowing unauthenticated users to access arbitrary draft, private and password protected posts/pages content WooCommerce needs to be...

7.5 CVSS, 7.1 AI score, 0.01051 EPSS
Exploits 2

Atlassian
added 2023/12/01 3:1 p.m., 23 views

Confluence XHR requests have the wrong content type

h3. Problem Watching or Stop watching a Confluence page and other operations see below list of identified endpoints will generate a request like the one below copied as curl from HAR capture for convenience: code:java curl 'https://confluence/rest/api/user/watch/content/9999999' \ -X 'DELETE' \ -...

7.1 AI score
Exploits 0, Affected Software 1

WPVulnDB
added 2023/11/23 12:0 a.m., 26 views

Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access

Description The plugin does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protected PoC Run the belo...

6.5 CVSS, 6.7 AI score, 0.00261 EPSS
Exploits 2, Affected Software 1

WPVulnDB
added 2023/11/16 12:0 a.m., 22 views

Elementor Addon Elements < 1.12.8 - Unauthenticated Post ID/Tile Disclosure

Description The plugin does not have authorisation in its ajaxeaepostdata function, allowing unauthenticated users to retrieve arbitrary posts/pages such as draft, private etc IDs and tiles...

5.3 CVSS, 7.3 AI score, 0.00289 EPSS
Exploits 0, Affected Software 1

Veracode
added 2023/10/25 12:7 p.m., 10 views

Missing Authorization

Mattermost is vulnerable to Missing Authorization. The Vulnerability is due to not properly checking the creator of an attached file when adding the file to a draft post. This allows an attacker to potentially expose information by adding the file to a draft post...

5.3 CVSS, 6.7 AI score, 0.00167 EPSS
Exploits 0, References 3, Affected Software 1

Tenable Nessus
added 2023/10/19 12:0 a.m., 10 views

Ubuntu 23.10 : Mutt vulnerabilities (USN-6374-2)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6374-2 advisory. USN-6374-1 fixed vulnerabilities in Mutt. This update provides the corresponding updates for Ubuntu 23.10. Tenable has extracted the preceding description...

6.5 CVSS, 5.7 AI score, 0.00091 EPSS
Exploits 0, References 3

OSV
added 2023/10/16 8:15 p.m., 1 views

CVE-2023-3707

The ActivityPub WordPress plugin before 1.0.0 does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the content of arbitrary post such as draft and private via an IDOR vector. Password protected post...

4.3 CVSS, 7.3 AI score, 0.00111 EPSS
Exploits 2, References 1

NVD
added 2023/10/09 11:15 a.m., 9 views

CVE-2023-5331

Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information...

5.3 CVSS, 4.8 AI score, 0.00167 EPSS
Exploits 0, References 1

Prion
added 2023/10/09 11:15 a.m., 10 views

Information disclosure

Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information...

5 CVSS, 5.2 AI score, 0.00167 EPSS
Exploits 0, References 1, Affected Software 1

Vulnrichment
added 2023/10/09 10:40 a.m., 12 views

CVE-2023-5331 File Information Leak via IDOR in file_id in Draft Posts

Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information...

4.3 CVSS, 6.7 AI score, 0.00167 EPSS
Exploits 0, References 1

Cvelist
added 2023/10/09 10:40 a.m., 16 views

CVE-2023-5331 File Information Leak via IDOR in file_id in Draft Posts

Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information...

4.3 CVSS, 5.5 AI score, 0.00167 EPSS
Exploits 0, References 1