15 matches found
EUVD-2023-51913
Malicious code in bioql PyPI...
EUVD-2023-38149
Malicious code in bioql PyPI...
CVE-2023-47818
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in LWS LWS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LWS Hide Login: from n/a through 2.1.8...
CVE-2023-47818
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in LWS LWS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LWS Hide Login: from n/a through 2.1.8...
CVE-2023-47818 WordPress LWS Hide Login plugin <= 2.1.8 - Secret Login Page Location Disclosure on Multisites vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in LWS LWS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LWS Hide Login: from n/a through 2.1.8...
LWS Hide Login < 2.1.9 - Protection Mechanism Bypass
Description The LWS Hide Login plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 2.1.8. This is due to the fact that attackers can bypass the hidden login page by visiting install.php. This makes it possible for unauthenticated attackers to...
WordPress LWS Hide Login Plugin <= 2.1.8 is vulnerable to Bypass Vulnerability
Software LWS Hide Login Type Plugin Vulnerable versions = 2.1.8 Fixed in 2.1.9 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2023-47818 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID 6d52db64950c Credits Naveen Muthusamy Required privilege...
CVE-2023-34025
A vulnerability in Aurélien LWS LWS Hide Login lws-hide-login.This issue affects LWS Hide Login: from n/a through = 2.1.6...
CVE-2023-34025
Cross-Site Request Forgery CSRF vulnerability in LWS LWS Hide Login plugin = 2.1.6 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in LWS LWS Hide Login plugin = 2.1.6 versions...
CVE-2023-34025 WordPress LWS Hide Login plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) vulnerability
A vulnerability in Aurélien LWS LWS Hide Login lws-hide-login.This issue affects LWS Hide Login: from n/a through = 2.1.6...
CVE-2023-34025 WordPress LWS Hide Login Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in LWS LWS Hide Login plugin = 2.1.6 versions...
CVE-2023-34025
CVE-2023-34025 affects the WordPress plugin LWS Hide Login (versions ≤ 2.1.6). It is a CSRF vulnerability with CVSSv3.1 base score 8.8 (HIGH) and an attack vector of network, requiring user interaction. Remediation: upgrade to version 2.1.7 or later (patch released) to fix the issue. Exploitation...
PT-2023-24640 · WordPress · Wps Hide Login
Name of the Vulnerable Software and Affected Versions: LWS Hide Login plugin versions = 2.1.6 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...
WordPress LWS Hide Login Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software LWS Hide Login Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-34025 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 568d5d97d18d Credits konagash Required...