2120 matches found
DEBIAN-CVE-2024-26907
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...
CVE-2024-31426
Cross-Site Request Forgery CSRF vulnerability in Data443 Inline Related Posts.This issue affects Inline Related Posts: from n/a through 3.3.1...
CVE-2024-31426
Technical details about CVE-2024-31426 are not provided in the supplied documents. The entry describes a CSRF in Data443 Inline Related Posts (up to 3.3.1) with no exploitation data or remediation details; monitor for updates.
CVE-2024-31426 WordPress Inline Related Posts plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Data443 Inline Related Posts.This issue affects Inline Related Posts: from n/a through 3.3.1...
CVE-2024-31426 WordPress Inline Related Posts plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Data443 Inline Related Posts.This issue affects Inline Related Posts: from n/a through 3.3.1...
WordPress Inline Related Posts plugin < 3.6.0 - Subscriber+ Password Protected Post Read vulnerability
Subscriber+ Password Protected Post Read vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Inline Related Posts versions 3.6.0...
PT-2024-24067 · Data443 · Data443 Inline Related Posts
Name of the Vulnerable Software and Affected Versions: Data443 Inline Related Posts versions 3.3.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
WordPress Inline Related Posts Plugin < 3.6.0 is vulnerable to Broken Access Control
Software Inline Related Posts Type Plugin Vulnerable versions 3.6.0 Fixed in 3.6.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6257 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c2f0b627f547 Credits Krzysztof Zając CERT PL...
CVE-2023-6257
The Inline Related Posts WordPress plugin before 3.6.0 is missing authorization in an AJAX action to ensure that users are allowed to see the content of the posts displayed, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts...
PT-2024-14915 · WordPress · Inline Related Posts
Name of the Vulnerable Software and Affected Versions: Inline Related Posts WordPress plugin versions prior to 3.6.0 Description: The issue is related to missing authorization in an AJAX action, which allows any authenticated user, such as a subscriber, to retrieve the content of password-protect...
WordPress Inline Related Posts plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin Inline Related Posts versions = 3.3.1...
WordPress Inline Related Posts Plugin <= 3.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Inline Related Posts Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.4.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31426 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 472557d2a031 Credits Brandon Roldan...
WordPress Inline Related Posts plugin < 3.5.0 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Inline Related Posts versions 3.5.0...
CVE-2024-2444
The Inline Related Posts WordPress plugin before 3.5.0 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-26706
In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data corruption if the compiler decides to use a different...
SUSE CVE-2024-30203
In Emacs before 29.3, Gnus treats inline MIME contents as trusted...
PT-2024-20395 · WordPress · Inline Related Posts
Name of the Vulnerable Software and Affected Versions: Inline Related Posts WordPress plugin versions prior to 3.5.0 Description: The issue concerns the Inline Related Posts WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users,...
Unspecified vulnerability in Gnu emacs (CNVD-2025-15363)
Gnu emacs is a family of text editors in the American GNU community. Gnu emacs suffers from a security vulnerability that stems from Gnus treating inline MIME content as trusted. No details of the vulnerability are provided at this time...
AZL-37081 CVE-2024-30203 affecting package emacs for versions less than 29.3-1
In Emacs before 29.3, Gnus treats inline MIME contents as trusted...
DEBIAN-CVE-2024-30203
In Emacs before 29.3, Gnus treats inline MIME contents as trusted...