WordPress Simplelightbox plugin <= 2.14.4 - Stored DOM-Based Cross-Site Scripting via SimpleLightbox JavaScript Library

Stored DOM-Based Cross-Site Scripting via SimpleLightbox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Simplelightbox versions = 2.14.4...

WordPress illi Link Party! plugin <= 1.0 - Admin+ Stored Cross-Site Scripting vulnerability

Admin+ Stored Cross-Site Scripting vulnerability discovered by Bob Matyas in WordPress Plugin illi Link Party! versions = 1.0...

WordPress WS Audio Player plugin <= 1.1.8 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin WS Audio Player versions = 1.1.8...

WordPress InfiniteWP Client Plugin <= 1.11.1 is vulnerable to Sensitive Data Exposure

Software InfiniteWP Client Type Plugin Vulnerable versions = 1.11.1 Fixed in 1.12.1 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-2916 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 88e39a11f14f Credits Lana Codes Required...

Fedora 38 : zchunk (2023-86dce75007)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-86dce75007 advisory. Fix several low severity security bugs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...