3 matches found
CVE-2026-41419 4ga Boards: Import Path Traversal Leads to Arbitrary File Read
4ga Boards is a boards system for realtime project management. Prior to 3.3.5, a path traversal vulnerability allows an authenticated user with board import privileges to make the server ingest arbitrary host files as board attachments during BOARDS archive import. Once imported, the file can be...
WordPress MyBookTable Bookstore Plugin <= 3.3.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software MyBookTable Bookstore Type Plugin Vulnerable versions = 3.3.4 Fixed in 3.3.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48331 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ac06dff1976c Credits Nguyen Xuan...
WordPress eCommerce Product Catalog Plugin <= 3.3.4 is vulnerable to Cross Site Scripting (XSS)
Software eCommerce Product Catalog Type Plugin Vulnerable versions = 3.3.4 Fixed in 3.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25049 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0a25dfcf24b7 Credits Abdi Pranata...