CVE-2023-38692

CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection vulnerability in the installation function in module management. The vulnerability has been fixed in v1.3.1. There are no known workarounds aside from upgrading...

WordPress Scratch & Win – Giveaways and Contests plugin <= 2.7.1 - Cross-Site Request Forgery via reset_installation Function vulnerability

Cross-Site Request Forgery via resetinstallation Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Scratch & Win – Giveaways and Contests versions = 2.7.1...

CVE-2023-38692 Command injection vulnerability in module management function in CloudExplorer Lite

CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection vulnerability in the installation function in module management. The vulnerability has been fixed in v1.3.1. There are no known workarounds aside from upgrading...

PT-2023-16642 · WordPress · Inisev

Name of the Vulnerable Software and Affected Versions: Inisev WordPress plugins affected versions not specified Description: The issue allows authenticated attackers with minimal permissions to install select plugins due to a missing capability check on the handle installation function. This...