mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

PT-2022-5159 · Oracle +5 · Mysql Server +4

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.29 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

PT-2023-1191 · Mysql Server +4 · Mysql Server +4

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.29 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

PT-2022-5161 · Oracle +5 · Mysql Server +4

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.29 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

CVE-2022-1591

The WordPress Ping Optimizer WordPress plugin before 2.35.1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1591

The WordPress Ping Optimizer WordPress plugin before 2.35.1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

Cross site request forgery (csrf)

The WordPress Ping Optimizer WordPress plugin before 2.35.1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1591

CVE-2022-1591 affects the WordPress Ping Optimizer plugin for WordPress, versions prior to 2.35.1.3.0. The issue is a lack of CSRF protection when updating plugin settings, which could allow an attacker to induce a logged-in admin to change settings via a CSRF attack. The available connected sour...

CVE-2022-1591 WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRF

The WordPress Ping Optimizer WordPress plugin before 2.35.1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

reSmush.it Image Optimizer < 0.4.6 - Admin+ Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when unfilteredhtml is disallowed. PoC POST /wp-admin/options.php HTTP/1.1 Accept:...

WordPress plugin WordPress Ping Optimizer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2022-13988 · WordPress · Wordpress Ping Optimizer

Name of the Vulnerable Software and Affected Versions: WordPress Ping Optimizer versions prior to 2.35.1.3.0 Description: The issue is related to the lack of a CSRF check when updating settings in the WordPress Ping Optimizer plugin. This could allow attackers to make a logged-in admin change...

WordPress reSmush.it Image Optimizer plugin <= 0.4.5 - Authenticated Cross-Site Scripting (XSS) vulnerability

Authenticated Cross-Site Scripting XSS vulnerability discovered by Raad Haddad Cloudyrion GmbH in WordPress reSmush.it Image Optimizer plugin versions = 0.4.5. Solution Update the WordPress reSmush.it plugin to the latest available version at least 0.4.6...

reSmush.it Image Optimizer < 0.4.6 - Admin+ Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when unfilteredhtml is disallowed. POST /wp-admin/options.php HTTP/1.1 Accept:...

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...