CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary plugin Installation vulnerability

Missing Authorization vulnerability in Crafthemes Crafthemes Demo Import crafthemes-demo-import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crafthemes Demo Import: from n/a through = 3.3...

CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary Plugin Installation vulnerability

Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3...

CVE-2024-34800

CVE-2024-34800 affects the WordPress plugin Crafthemes Demo Import (

CVE-2022-45176

An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting XSS can occur under the /api/v1/getbodyfile endpoint via the uri parameter. The web application through its vShare functionality section doesn't properly check parameters, sent in HTTP requests as...

CVE-2022-45176

An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting XSS can occur under the /api/v1/getbodyfile endpoint via the uri parameter. The web application through its vShare functionality section doesn't properly check parameters, sent in HTTP requests as...

CVE-2022-45176

CVE-2022-45176 affects LIVEBOX Collaboration vDesk through v018. The issue is a stored Cross-site Scripting (XSS) vulnerability at the endpoint /api/v1/getbodyfile, triggered by the input parameter uri . The web application does not properly validate parameters before saving them on the server, a...

Citrix Workspace App for HTML5 - Chromium Update Impact on Multi Monitor Functionality

When you click Multimonitor from the session toolbar, the session might not extend automatically. The issue occurs when you use Citrix Workspace app for HTML5 version that is earlier than 2404, and the Google Chromium browser version is equal to or greater than v125.0.0...

CVE-2024-5126 Improper Access Control in lunary-ai/lunary

An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to but not including 1.2.25. The vulnerability allows unauthorized users to update prompt details due t...

CVE-2024-5526

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery SSRF...

[SECURITY] Fedora 40 Update: qt5-qtserialport-5.15.14-1.fc40

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

CVE-2023-51544

Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through 5.2.5.0...

CVE-2023-51544

Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through 5.2.5.0...

CVE-2023-52147 WordPress All-In-One Security (AIOS) plugin <= 5.2.4 - Secret Login Page Location Disclosure on Multisites vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects All In One WP Security & Firewall: from n/a through 5.2.4...

CVE-2023-51544 WordPress RegistrationMagic plugin <= 5.2.5.0 - Form Submission Limit Bypass vulnerability

Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through 5.2.5.0...

CVE-2023-49774 WordPress WP Photo Album Plus plugin <= 8.5.02.005 - IP Bypass vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005...

CVE-2023-48747

Improper Authentication vulnerability in Pluggabl LLC Booster for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster for WooCommerce: from n/a through 7.1.2...

CVE-2023-48745

Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through 2.9...

CVE-2023-48290

Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through 1.15.20...

CVE-2023-48276

Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Functionality Bypass.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

CVE-2023-48747 WordPress Booster for WooCommerce plugin <= 7.1.2 - Authenticated Production Creation/Modification Vulnerability

Improper Authentication vulnerability in Pluggabl LLC Booster for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster for WooCommerce: from n/a through 7.1.2...