1614 matches found
Plate Security Breach
Plate is a plugin system for Ziad Beyens individual developers to make it easier to build fully functional editors. Plate has a security vulnerability that stems from when the editor uses the MediaEmbedElement component and passes custom urlParsers via the useMediaState hook, if the custom parser...
WordPress plugin Embed Peertube Playlist security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2024-27090 Decidim vulnerable to data disclosure through the embed feature
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embbeded such as a...
Decidim vulnerable to data disclosure through the embed feature
Impact If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded such as a Participatory Process, an Assembly, a Proposal, a Result, etc, then some data of this resource could be accessed. Patches version 0.27.6...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...
GHSA-QCJ6-VXWX-4RQV Decidim vulnerable to data disclosure through the embed feature
Impact If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded such as a Participatory Process, an Assembly, a Proposal, a Result, etc, then some data of this resource could be accessed. Patches version 0.27.6...
Decidim vulnerable to data disclosure through the embed feature
Impact If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded such as a Participatory Process, an Assembly, a Proposal, a Result, etc, then some data of this resource could be accessed. Patches Version 0.27.6...
WordPress YAHMAN Add-ons plugin <= 0.9.28 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin YAHMAN Add-ons versions = 0.9.28...
WordPress ADDRESSYA plugin <= 3.1.1 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin ADDRESSYA versions = 3.1.1...
WordPress Jobs.af plugin <= 1.0.1 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Jobs.af versions = 1.0.1...
WordPress wp-code-highlightjs plugin <= 0.6.3 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin wp-code-highlightjs versions = 0.6.3...
WordPress Contact Form 7 Multi-Step Addon plugin <= 1.0.5 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Contact Form 7 Multi-Step Addon versions = 1.0.5...