2 matches found
AZL-59229 CVE-2025-30204 affecting package prometheus for versions less than 2.37.9-3
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...
WordPress Popup box Plugin <= 4.5.1 is vulnerable to Broken Access Control
Software Popup box Type Plugin Vulnerable versions = 4.5.1 Fixed in 4.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37096 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID aaf62ab75160 Credits Abdi Pranata Required privile...