Lucene search
K

5 matches found

OSV
OSV
added 2025/01/10 3:19 p.m.7 views

CVE-2024-56511 DataEase has an unauthorized vulnerability

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...

9.3CVSS6.8AI score0.20883EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/01/10 3:19 p.m.21 views

CVE-2024-56511 DataEase has an unauthorized vulnerability

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...

9.3CVSS0.20883EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/04/04 12:0 a.m.13 views

WordPress Spectra Plugin <= 2.10.3 is vulnerable to Cross Site Scripting (XSS)

Software Spectra Type Plugin Vulnerable versions = 2.10.3 Fixed in 2.10.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6486 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2ec9e8bd69ac Credits Akbar Kustirama Required...

6.4CVSS6AI score0.00572EPSS
Exploits1References3Affected Software1
0day.today
0day.today
added 2023/11/14 12:0 a.m.370 views

WordPress WP Rocket 2.10.3 Local File Inclusion Exploit

Paulos Yibelo discovered and reported this Local File Inclusion vulnerability in WordPress WP Rocket Plugin. This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2023/04/07 12:0 a.m.14 views

WordPress Simple Job Board Plugin <= 2.10.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Simple Job Board Type Plugin Vulnerable versions = 2.10.3 Fixed in 2.10.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-29440 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1d3f08dd8ec9 Credits Rafshanzani Suha...

8.8CVSS7AI score0.00315EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder