WordPress VikRentItems Flexible Rental Management System plugin <= 1.2.0 - Reflected Cross-Site Scripting via 'delto' Parameter vulnerability

Reflected Cross-Site Scripting via 'delto' Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin VikRentItems Flexible Rental Management System versions = 1.2.0...

WordPress Smart Auto Upload Images plugin <= 1.2.0 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by Dieu Link and GCSC Vietnam in WordPress Plugin Smart Auto Upload Images versions = 1.2.0...

WordPress Bold Timeline Lite Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Bold Timeline Lite Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43294 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 636116c40c53 Credits LVT-tholv2k Required privilege...

WordPress Amelia Plugin <= 1.2 is vulnerable to Sensitive Data Exposure

Software Amelia Type Plugin Vulnerable versions = 1.2 Fixed in 1.2.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6552 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 963ab0b19e24 Credits stealthcopter Required privilege...

CVE-2019-1010189

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1...

DEBIAN-CVE-2019-1010189

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1...

UBUNTU-CVE-2019-1010189

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1...

Design/Logic Flaw

mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1...