CVE-2024-4611

The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decryptvalue' and on the 'doCookieAuth' functions in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to log in as any existing user on the sit...

CVE-2024-3729

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'feaencrypt' function in all versions up to, and including, 3.19.4. This makes it possible for unauthenticated attackers to manipulate the user processing forms, which can ...

PT-2024-27449 · Dynamiapps · The Frontend Admin

Name of the Vulnerable Software and Affected Versions: The Frontend Admin by DynamiApps plugin for WordPress versions up to, and including, 3.19.4 Description: The issue is related to improper missing encryption exception handling on the fea encrypt function. This allows unauthenticated attackers...

LDAP Account Manager 跨站脚本漏洞

LDAP Account Manager is a web front-end for managing entries e.g., users, groups, DHCP settings stored in the LDAP directory. cross-site scripting vulnerability exists in LDAP Account Manager LAM versions prior to 8.0, which stems from the fact that if the PHP OpenSSL extension is not installed o...