CVE-2023-45064

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

CVE-2023-45064 WordPress OPcache Dashboard Plugin <= 0.3.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

CVE-2023-45064

CVE-2023-45064: Unauthenticated reflected XSS in the OPcache Dashboard plugin for WordPress, affected versions

Prototype Pollution

tree-kit is vulnerable to Prototype Pollution. The vulnerability occurs because the extend function when the unflat option is set can be used to add arbitrary properties to an object , including properties that are not defined in the object's prototype which allows an attacker to execute arbitrar...

tree-kit Prototype Pollution vulnerability

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

PT-2023-8585 · Unknown · Cronvel Tree-Kit

Name of the Vulnerable Software and Affected Versions: Cronvel Tree-kit versions 0.7.4 and before Description: A Prototype Pollution issue in Cronvel Tree-kit allows a remote attacker to execute arbitrary code via the extend function. This issue is related to uncontrolled modification of object...

hellojs security vulnerability

hellojs is a JavaScript-written client-side software development kit for user Oauth authentication for individual developers. A security vulnerability exists in MrSwitch hello.js version 1.18.6, which stems from the presence of a prototype contamination vulnerability. An attacker can exploit the...

How to Extend CA Validity Period and Renew FAS Certificates

This article is designed to describe how to extend CA Validity Period and renew FAS Certificates...

Prototype Pollution

progressbar.js is vulnerable to Prototype Pollution. The vulnerability exists in extend function at utils.js which allows an attacker to inject and modify malicious properties such as proto, resulting in prototype pollution...

GHSA-89QM-HM2X-MXM3 progressbar.js vulnerable to Prototype Pollution

All versions of the package progressbar.js prior to 1.1.1 are vulnerable to Prototype Pollution via the function extend in the file utils.js...

progressbar.js vulnerable to Prototype Pollution

All versions of the package progressbar.js prior to 1.1.1 are vulnerable to Prototype Pollution via the function extend in the file utils.js...

CVE-2023-26133

All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend in the file utils.js...

CVE-2023-26133

All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend in the file utils.js...

CVE-2023-26133

Progressbar.js (package) is affected by a Prototype Pollution vulnerability via extend() in utils.js. All versions prior to 1.1.1 are vulnerable; a fix takes effect in 1.1.1 and later. If exploiting details are provided in the connected docs, remediation is to upgrade to 1.1.1 or newer. Other sou...

ProgressBar.js 安全漏洞

ProgressBar.js is a responsive progress bar by Kimmo Brunfeldt Personal Developer. ProgressBar.js has a security vulnerability that stems from easy prototype contamination via the function extend in the file utils.js...

PT-2023-20512 · Unknown · Progressbar.Js

Name of the Vulnerable Software and Affected Versions: progressbar.js versions prior to 1.1.1 Description: The issue concerns Prototype Pollution via the extend function in the utils.js file. This affects the progressbar.js package. Recommendations: For versions prior to 1.1.1, update to version...

extendoffice.com Cross Site Scripting vulnerability OBB-3388520

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

@aprilsacil/wallet (>=0.1.36 <=0.1.51), @bosonprotocol/react-kit (>=0.1.0-alpha.0 <=0.1.0-alpha.2) +43 more potentially affected by CVE-2023-30543 via @web3-react/metamask (>=8.0.14-beta.0 <=8.0.28-beta.0)

@web3-react/metamask NPM version =8.0.14-beta.0, =0.1.36, =0.1.0-alpha.0, =0.0.46, =0.0.70, =1.0.0, =1.0.0, =0.0.1, =1.1.0, =0.0.3, =1.0.0, =1.0.0, =0.0.6-alpha.0, =0.0.12 - @huma-finance/widgets =0.0.6-alpha.0 and more Source cves: CVE-2023-30543 Source advisory: OSV:GHSA-8PF3-6FGR-3G3G...