PT-2022-27365 · WordPress · Mega Addons

Name of the Vulnerable Software and Affected Versions: Mega Addons plugin for WordPress versions up to, and including, 4.2.7 Description: The issue is related to authorization bypass due to a missing capability check on the vc saving data function. This allows authenticated attackers with...

CVE-2022-2827

AMI MegaRAC User Enumeration Vulnerability...

Here’s How Bad a Twitter Mega-Breach Would Be

Elon Musk laid off half the staff, and mass resignations seem likely. If nobody’s there to protect the fort, what’s the worst that could happen?...

CVE-2022-36798

Cross-Site Request Forgery CSRF vulnerability in Topdigitaltrends Mega Addons For WPBakery Page Builder plugin = 4.2.7 at WordPress...

CVE-2022-36798

Cross-Site Request Forgery CSRF vulnerability in Topdigitaltrends Mega Addons For WPBakery Page Builder plugin = 4.2.7 at WordPress...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Topdigitaltrends Mega Addons For WPBakery Page Builder plugin = 4.2.7 at WordPress...

CVE-2022-36798 WordPress Mega Addons For WPBakery Page Builder plugin <= 4.2.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Topdigitaltrends Mega Addons For WPBakery Page Builder plugin = 4.2.7 at WordPress...

CVE-2022-36798

CVE-2022-36798 is a CSRF vulnerability affecting the WordPress plugin Mega Addons For WPBakery Page Builder

WordPress plugin Topdigitaltrends Mega Addons For WPBakery Page Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2022-40191

Authenticated subscriber+ Stored Cross-Site Scripting XSS vulnerability in Ali Khallad's Contact Form By Mega Forms plugin = 1.2.4 at WordPress...

CVE-2022-40191

Summary: CVE-2022-40191 affects the WordPress plugin “Ali Khallad’s Contact Form By Mega Forms” up to version 1.2.4. The issue is an authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability stemming from inadequate sanitization/escaping of input, enabling script injection by us...

CVE-2022-40191 WordPress Contact Form By Mega Forms plugin <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated subscriber+ Stored Cross-Site Scripting XSS vulnerability in Ali Khallad's Contact Form By Mega Forms plugin = 1.2.4 at WordPress...

WordPress plugin Contact Form By Mega Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

PT-2022-25272 · WordPress · Ali Khallad'S Contact Form By Mega Forms

Name of the Vulnerable Software and Affected Versions: Ali Khallad's Contact Form By Mega Forms plugin versions = 1.2.4 Description: The issue is an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with subscriber or higher privileges can inject malicious...

DEBIAN-CVE-2019-25076

The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...

Contact Form By Mega Forms < 1.2.5 - Subscriber+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as subscriber to perform Stored Cross-Site Scripting attacks...

WordPress Contact Form By Mega Forms plugin <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress Contact Form By Mega Forms plugin versions = 1.2.4. Solution Update the WordPress Contact Form By Mega Forms – Drag and Drop Form Builder plugin to the latest available version at...

WordPress Mega Addons For WPBakery Page Builder plugin <= 4.2.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to plugin Options Update Enable/Disable Element discovered by Rasi Afeef in WordPress Mega Addons For WPBakery Page Builder plugin versions = 4.2.7. Solution Deactivate and delete. No reply from the vendor...

CVE-2022-32429

An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution...

CVE-2022-32429

An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution...