CVE-2022-2540 Link Optimizer Lite <= 1.4.5 - Cross-Site Request Forgery to Cross-Site Scripting

The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the adminpage function found in the /admin.php file. This makes it possible for unauthenticated...

CVE-2022-2540

The CVE concerns the WordPress plugin Link Optimizer Lite (versions up to and including 1.4.5). The underlying issue is missing nonce validation in the admin.php function, enabling CSRF that can lead to Cross‑Site Scripting. The vulnerability could allow unauthenticated attackers to modify plugin...

PT-2022-17263 · WordPress · Link Optimizer Lite

Name of the Vulnerable Software and Affected Versions: Link Optimizer Lite plugin for WordPress versions up to, and including 1.4.5 Description: The issue is due to missing nonce validation on the admin page function found in the admin.php file. This allows unauthenticated attackers to modify the...

WordPress plugin Link Optimizer Lite 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress Ping Optimizer plugin <= 2.35.1.2.3 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Settings Update via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress Ping Optimizer plugin versions = 2.35.1.3.0. Solution Update the WordPress WordPress Ping Optimizer plugin to the latest available version at least 2.35.1.3.0...

WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC http://evil.com aaaa bbbb...

WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack http://evil.com aaaa bbbb document.getElementById"test".submit;...

CVE-2022-21526

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2022-21509

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

WordPress Link Optimizer Lite plugin <= 1.4.5 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS discovered by Hayato Takizawa in WordPress Link Optimizer Lite plugin versions = 1.4.5. Solution Deactivate and delete. This plugin has been closed as of July 26, 2022 and is not available for download. This closure...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54314)

Oracle MySQL Server is a relational database from Oracle Corporation. A denial-of-service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.29 and prior versions. An attacker can use this vulnerability to compromise MySQL Server by accessing the network via multip...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54318)

Oracle MySQL Server is a relational database from Oracle Corporation. Oracle MySQL Server 8.0.28 and earlier versions have a denial-of-service vulnerability in the Server: Optimizer component, which can be exploited by attackers to cause MySQL Server to hang or crash...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54317)

Oracle MySQL Server is a relational database from Oracle Corporation. A denial-of-service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.28 and prior versions. An attacker can use this vulnerability to cause MySQL Server to hang or crash...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54311)

Oracle MySQL Server is a relational database from Oracle Corporation. A denial of service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.29 and earlier. An attacker can exploit this vulnerability to corrupt MySQL Server by accessing the network over multiple...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54312)

Oracle MySQL Server is a relational database from Oracle Corporation. A denial-of-service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.29 and prior versions. An attacker can use this vulnerability to compromise MySQL Server by accessing the network via multip...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54313)

Oracle MySQL Server is a relational database from Oracle Corporation. A denial-of-service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.29 and prior versions. An attacker can use this vulnerability to compromise MySQL Server by accessing the network via multip...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-54319)

Oracle MySQL Server is a relational database from Oracle Corporation. Oracle MySQL Server 8.0.28 and earlier versions have a denial-of-service vulnerability in the Server: Optimizer component, which can be exploited by attackers to cause MySQL Server to hang or crash...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...