WordPress plugin Search, Filters & Merchandising for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress Search, Filters & Merchandising for WooCommerce plugin <= 3.0.63 - Missing Authorization to Authenticated (Subscriber+) plugin Deactivation vulnerability

Missing Authorization to Authenticated Subscriber+ plugin Deactivation vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Search, Filters & Merchandising for WooCommerce versions = 3.0.63...

EUVD-2018-14585

Malware in sbrugna...

WordPress plugin Search, Filters & Merchandising for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Search Merchandising – Track & Manage WooCommerce Product Search plugin <= 1.0.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Search Merchandising – Track & Manage WooCommerce Product Search plugin versions = 1.0.4. Solution No patched version available...

WordPress Search Merchandising – Track & Manage WooCommerce Product Search plugin <= 1.0.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Search Merchandising – Track & Manage WooCommerce Product Search plugin versions = 1.0.4. Solution No patched version available...

CVE-2019-2713

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce subcomponent: Asset Manager. The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Merchandisin...

CVE-2019-2713

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce subcomponent: Asset Manager. The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Merchandisin...

Design/Logic Flaw

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce subcomponent: Asset Manager. The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Merchandisin...

CVE-2019-2713

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce subcomponent: Asset Manager. The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Merchandisin...

CVE-2019-2713

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce subcomponent: Asset Manager. The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Merchandisin...

CVE-2019-2713

CVE-2019-2713 affects Oracle Commerce Merchandising (Asset Manager) with version 11.2.0.3. The vulnerability allows an unauthenticated attacker to access the system over HTTP, potentially causing unauthorized updates, inserts, or deletions, and unauthorized reads of Oracle Commerce Merchandising ...

The vulnerability of the Security component (SQL Logger) of the Oracle Retail Merchandising System allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Security component SQL Logger of the Oracle Retail Merchandising System is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protoc...

Unspecified Vulnerability in Oracle Retail Applications Retail Merchandising System

Oracle Retail Applications is the United States Oracle Oracle company's set of retail applications store solutions. Retail Merchandising System is one of the retail store sales system. An unspecified vulnerability exists in Oracle Retail Applications Retail Merchandising System. An attacker could...

CVE-2018-3125

Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications subcomponent: Security SQL Logger. The supported version that is affected is 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-3125

Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications subcomponent: Security SQL Logger. The supported version that is affected is 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-3125

CVE-2018-3125 affects Oracle Retail Merchandising System (Oracle Retail Applications), specifically the Security (SQL Logger) subcomponent. Affected version 14.1 is vulnerable to unauthenticated HTTP access that can lead to unauthorized read, update, insert, or delete operations on Oracle Retail ...

CVE-2018-3125

Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications subcomponent: Security SQL Logger. The supported version that is affected is 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-3125

Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications subcomponent: Security SQL Logger. The supported version that is affected is 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

FasterXML Jackson-databind Polymorphic Deserialization Multiple Security Vulnerability

Description FasterXML Jackson-databind is prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code, bypass certain security restrictions, perform unauthorized actions or obtain potentially sensitive information. Failed exploi...