Drupal Browser Back Button module 1.0.0-2.0.1 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Patrick Fey in WordPress Module Browser Back Button versions 1.0.0-2.0.1...

CVE-2024-51649

Cross-Site Request Forgery CSRF vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through = 3.0.7...

CVE-2024-51649

The CVE CVE-2024-51649 affects the WordPress Mobilize plugin and describes a Cross-Site Request Forgery (CSRF) flaw that enables Stored XSS. Affected version range is Mobilize up to 3.0.7 (and earlier). The connected sources consistently state CSRF leading to stored XSS, but none of the documents...

Moxa UDP Device Discovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moxa UDP Device Discovery', 'Description' = %q The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The service...

CVE-2024-43216

The CVE CVE-2024-43216 targets Filr – Secure document library (WordPress plugin). It reports improper input neutralization leading to stored XSS in web page generation, affecting Filr library versions from n/a up to 1.2.4. The issue is categorized as Stored XSS with impact limited to confidential...

CVE-2024-43216 WordPress Filr plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Chill Filr filr-protection.This issue affects Filr: from n/a through = 1.2.4...

CVE-2024-43216 WordPress Filr plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Chill Filr filr-protection.This issue affects Filr: from n/a through = 1.2.4...

WordPress Filr – Secure document library Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Filr – Secure document library Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43216 Patch priority Low CVSS severity Low 6.5 Developer Patrick Posner PSID d8538e254980 Credits domiee13 Required...

CVE-2024-32825

Insertion of Sensitive Information Into Sent Data vulnerability in Simply Static Simply Static simply-static.This issue affects Simply Static: from n/a through = 3.1.3...

CVE-2024-32825 WordPress Simply Static plugin <= 3.1.3 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Simply Static Simply Static simply-static.This issue affects Simply Static: from n/a through = 3.1.3...

CVE-2024-32825

CVE-2024-32825 is an active issue affecting the WordPress plugin Simply Static. The description indicates an insertion of sensitive information into log files, affecting versions from n/a through 3.1.3. The CVSS metrics listed with a base score of 7.5 (HIGH) and network attack vector with no auth...

WordPress Simply Static Plugin <= 3.1.3 is vulnerable to Sensitive Data Exposure

Software Simply Static Type Plugin Vulnerable versions = 3.1.3 Fixed in 3.1.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-32825 Patch priority Low CVSS severity Low 7.5 Developer Patrick Posner PSID 576bd2a49a3c Credits CatFather Required privilege...

patrick-koglin.com Cross Site Scripting vulnerability OBB-3903588

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

patrickhespeler.de Cross Site Scripting vulnerability OBB-3903590

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress Passster – Password Protection Plugin <= 4.2.6.4 is vulnerable to Cross Site Scripting (XSS)

Software Passster – Password Protection Type Plugin Vulnerable versions = 4.2.6.4 Fixed in 4.2.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2026 Patch priority Low CVSS severity Low 6.5 Developer Patrick Posner PSID e14038938ff1 Credits...

CVE-2024-30178 WordPress Simply Static plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Simply Static Simply Static simply-static.This issue affects Simply Static: from n/a through = 3.1.3...

A Bootiful Podcast: Spring trainer extraordinairre Patrick Baumgartner

Hi, Spring fans! In this installment, I talked to Spring trainer extraordinaire, long-time community contributor, and Voxxed Days co-organizer for various shows in Switzerland. This talk was recorded live at Voxxed Days CERN!...

patrick-cz.cz Cross Site Scripting vulnerability OBB-3819851

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in Patrick Robrecht Posts and Users Stats.This issue affects Posts and Users Stats: from n/a through 1.1.3...

CVE-2022-44738

CVE-2022-44738 relates to the WordPress Posts and Users Stats plugin (