WordPress Element Pack Elementor Addons Plugin <= 5.10.1 is vulnerable to Cross Site Scripting (XSS)

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.10.1 Fixed in 5.10.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9868 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8d9aa88ca0eb Credits zer0gh0s...

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005539 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...

WordPress RLM Elementor Widgets Pack plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin RLM Elementor Widgets Pack versions = 1.3.1...

WordPress RLM Elementor Widgets Pack Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software RLM Elementor Widgets Pack Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50542 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 13798bc26100 Credits Gab Required privilege...

Security Bulletin: IBM MQ is affected by a vulnerability in IBM WebSphere Application Server Liberty (CVE-2023-50314)

Summary An issue was identified with IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could...

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in the IBM Runtime Environment, Java Technology Edition

Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, version 8 which is shipped with IBM MQ. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause...

ROS-20241029-02

A vulnerability in the Action Dispatch component of the Ruby interpreter with the Action Pack extension is related to bugs in the procedures for filtering Action Dispatch request parameters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...

CVE-2024-50453

Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through 2.0.9...

CVE-2024-50453

Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through = 2.0.9...

CVE-2024-50453 WordPress The Pack Elementor addons plugin <= 2.0.9 - Local File Inclusion vulnerability

Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through = 2.0.9...

CVE-2024-50453 WordPress The Pack Elementor addons plugin <= 2.0.9 - Local File Inclusion vulnerability

Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through = 2.0.9...

CVE-2024-50453

CVE-2024-50453 is a Relative Path Traversal vulnerability in the WordPress plugin family The Pack Elementor addons. Affected versions are listed as from n/a through 2.0.9. The underlying issue enables PHP Local File Inclusion, which could allow an attacker to access restricted files on the server...

CVE-2024-50465

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP SEO – Calin Vingan Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a through 1.6.001...

CVE-2024-50465

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP SEO – Calin Vingan Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a through 1.6.001...

CVE-2024-50465

CVE-2024-50465 affects WordPress Premium SEO Pack (WP SEO) plugin versions &lt;= 1.6.001. The vulnerability is an SQL Injection due to improper neutralization of special elements in SQL commands. Patchstack and CVE entries indicate the fix is in version 1.6.002. Exploitation details are not provi...

CVE-2024-50465 WordPress Premium SEO Pack plugin <= 1.6.001 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP SEO – Calin Vingan Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a through 1.6.001...

PT-2024-34228 · Unknown · The Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Pack Elementor addons versions 2.0.9 and earlier Description: A Relative Path Traversal vulnerability in The Pack Elementor addons allows PHP Local File Inclusion. Recommendations: For versions 2.0.9 and earlier, update to a version later...

WordPress plugin Premium SEO Pack SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2024-34241 · Unknown · Wp Seo – Calin Vingan Premium Seo Pack

Name of the Vulnerable Software and Affected Versions: WP SEO – Calin Vingan Premium SEO Pack versions 1.6.001 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...

Fedora: Security Advisory (FEDORA-2024-204d982a2e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...