14 matches found
WordPress EventON Lite< 2.2.9 - Unauthenticated Virtual Event Settings Update vulnerability
Unauthenticated Virtual Event Settings Update vulnerability discovered by Erwan LR WPScan in WordPress Plugin EventON versions 2.2.9...
EUVD-2008-3071
Malware in sbrugna...
EUVD-2024-16034
Malicious code in bioql PyPI...
EUVD-2024-47069
Malicious code in bioql PyPI...
CVE-2024-8113
Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-mail previews on settings page. The default Content Security Policy of pretix prevents execution of attacker-provided scripts, making exploitation unlikely. However,...
PYSEC-2024-180
Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-mail previews on settings page. The default Content Security Policy of pretix prevents execution of attacker-provided scripts, making exploitation unlikely. However,...
CVE-2024-5940 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handlerequest' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to edi...
CVE-2024-5940 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handlerequest' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to edi...
WordPress GiveWP plugin <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update vulnerability
Missing Authorization to Unauthenticated Event Settings Update vulnerability discovered by villu164 in WordPress Plugin GiveWP versions = 3.13.0...
CVE-2024-0237 EventON (Free < 2.2.9, Premium <= 4.5.8) - Unauthenticated Virtual Event Settings Update
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc...
WordPress plugin EventON security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-14911 · WordPress · Eventon
Name of the Vulnerable Software and Affected Versions: The EventON - WordPress Virtual Event Calendar Plugin versions up to, and including, 4.5.4 Pro and 2.2.8 Free Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the save virtual eve...
WpStream < 4.5.5 - Local Event Settings Update via CSRF
Description The plugin does not have CSRF check when updating its local event settings, which could allow attackers to make logged in admin perform such action via a CSRF attack...
How to View NetScaler SNMP Trap Details on NetScaler MAS
This article describes how to view NetScaler SNMP trap details on NetScaler MAS. Background You can now view the details of each SNMP trap received from NetScaler instances to the NetScaler MAS server on the Event Settings page. For a specific trap received from your instance, you can view the...