
4770 matches found

Positive Technologies
added 2024/01/16 12:0 a.m. · 2 views

PT-2024-1345 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.35 and prior; MySQL Server versions 8.2.0 and prior. Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. This allows a high-privileged attacker...

CVSS 7.5 · AI score 5.1 · EPSS 0.01782
Exploits 0 · References 471

Positive Technologies
added 2024/01/16 12:0 a.m. · 2 views

PT-2024-1523

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.35 and prior; MySQL Server versions 8.2.0 and prior. Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. This can be exploited by a low-privileged...

CVSS 9.8 · AI score 5.3 · EPSS 0.78854
Exploits 8 · References 422

Positive Technologies
added 2024/01/16 12:0 a.m. · 2 views

PT-2024-1529

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.35 and prior; MySQL Server versions 8.2.0 and prior. Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. This can be exploited by a low-privileged...

CVSS 9.8 · AI score 5.2 · EPSS 0.78854
Exploits 8 · References 424

Positive Technologies
added 2024/01/16 12:0 a.m. · 2 views

PT-2024-1527

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.35 and prior; MySQL Server versions 8.2.0 and prior. Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. This can be exploited by a high-privilege...

CVSS 9.8 · AI score 5.2 · EPSS 0.78854
Exploits 8 · References 424

WPVulnDB
added 2024/01/12 12:0 a.m. · 12 views

JS & CSS Script Optimizer <= 0.3.3 - Cross-Site Request Forgery

Description: The JS & CSS Script Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.3.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized...

CVSS 8.8 · AI score 6.6 · EPSS 0.0021
Exploits 0 · References 1

OSV
added 2024/01/11 7:15 a.m. · 4 views

CVE-2023-6699

The WP Compress – Image Optimizer All-In-One plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...

CVSS 7.5 · AI score 7.4 · EPSS 0.0087
Exploits 0 · References 2

Prion
added 2024/01/11 7:15 a.m. · 25 views

Directory traversal

The WP Compress – Image Optimizer All-In-One plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...

CVSS 5 · AI score 7 · EPSS 0.0087
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2024/01/11 6:49 a.m. · 33 views

CVE-2023-6699 WP Compress – Image Optimizer [All-In-One] <= 6.10.33 - Unauthenticated Directory Traversal via css

The WP Compress – Image Optimizer All-In-One plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...

CVSS 9.1 · AI score 9.1 · EPSS 0.0087
Exploits 0 · References 2

CVE
added 2024/01/11 6:49 a.m. · 65 views

CVE-2023-6699

CVE-2023-6699 affects the WP Compress – Image Optimizer [All-In-One] WordPress plugin. All versions up to and including 6.10.33 are vulnerable to directory traversal via the css parameter, allowing unauthenticated attackers to read arbitrary server files. Wordfence and other sources note a patch/...

CVSS 9.1 · AI score 7.4 · EPSS 0.0087
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/01/08 8:15 p.m. · 1 views

CVE-2023-52216

Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer. This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVSS 8.8 · AI score 7.3 · EPSS 0.0021
Exploits 0 · References 1

NVD
added 2024/01/08 8:15 p.m. · 31 views

CVE-2023-52216

Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer. This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVSS 8.8 · AI score 5.7 · EPSS 0.0021
Exploits 0 · References 1

Prion
added 2024/01/08 8:15 p.m. · 24 views

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer. This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVSS 6.8 · AI score 7.2 · EPSS 0.0021
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2024/01/08 7:23 p.m. · 5 views

CVE-2023-52216 WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer. This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVSS 4.3 · AI score 8.7 · EPSS 0.0021
Exploits 0 · References 1

Cvelist
added 2024/01/08 7:23 p.m. · 34 views

CVE-2023-52216 WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer. This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVSS 4.3 · AI score 8.9 · EPSS 0.0021
Exploits 0 · References 1

CVE
added 2024/01/08 7:23 p.m. · 46 views

CVE-2023-52216

CVE-2023-52216 concerns the WordPress plugin JS & CSS Script Optimizer. Public sources in the connected set confirm a CSRF vulnerability affecting versions up to and including 0.3.3, with unauthenticated attackers able to coerce an authenticated site administrator to perform a forged action. The...

CVSS 8.8 · AI score 8.5 · EPSS 0.0021
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2024/01/08 12:0 a.m. · 3 views

WordPress Plugin JS & CSS Script Optimizer Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 8.8 · AI score 6.6 · EPSS 0.0021
Exploits 0 · References 2

Positive Technologies
added 2024/01/08 12:0 a.m. · 3 views

PT-2024-14480 · Unknown · Js & Css Script Optimizer

Name of the Vulnerable Software and Affected Versions: JS & CSS Script Optimizer versions 0.3.3 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue affects the JS & CSS Script Optimizer. This type of issue allows an attacker to trick a user into performing unintended actions on a web...

CVSS 8.8 · AI score 8.8 · EPSS 0.0021
Exploits 0 · References 5

Patchstack
added 2024/01/03 12:0 a.m. · 13 views

WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software: JS & CSS Script Optimizer · Type: Plugin · Vulnerable versions: = 0.3.3 · Fixed in: N/A · OWASP Top 10: A1: Broken Access Control · Classification: Cross Site Request Forgery (CSRF) · CVE: CVE-2023-52216 · Patch priority: Low · CVSS severity: Low 4.3 · Developer: Claim ownership · PSID: b2115f84b7a4 · Credits: Nguyen Xuan...

CVSS 8.8 · AI score 6.6 · EPSS 0.0021
Exploits 0 · References 1 · Affected Software 1

OSV
added 2023/12/29 6:15 a.m. · 4 views

CVE-2023-31295

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...

CVSS 7.5 · AI score 5.8 · EPSS 0.00579
Exploits 0 · References 1

OSV
added 2023/12/29 6:15 a.m. · 2 views

CVE-2023-31300

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 1