144 matches found
WordPress plugin Advanced Personalization 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-35251 · Unknown · Flowcraft Ux Design Studio
Name of the Vulnerable Software and Affected Versions: Flowcraft UX Design Studio Advanced Personalization versions from n/a through 1.1.2 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This problem affects the Advanced Personalization...
WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Advanced Personalization versions = 1.1.2...
WordPress Advanced Personalization Plugin <= 1.1.2 is vulnerable to PHP Object Injection
Software Advanced Personalization Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52411 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2cda7f7032dc Credits Bonds Required privilege...
New Teams Deployment Guidance for App Layering or User Personalization Layer(UPL)
Microsoft Teams 2.x has changed its installation method and now installs under C:\Program Files\WindowsApps. Based on those changes this article provides the specific steps for the deployment of the Teams 2.x in an App LayeringAL or User Personalization LayerUPL environment. For the most current...
The vulnerability of the Personalization component of the Oracle Applications Framework, a web application development platform, within the Oracle E-Business Suite, allows an intruder to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Personalization component of the Oracle Applications Framework, a platform for developing web applications in enterprise automation systems within the Oracle E-Business Suite, is related to improper authentication. Exploiting this vulnerability allows an attacker to gain...
WordPress if-so plugin < 1.8.0.4 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin If-So Dynamic Content Personalization versions 1.8.0.4...
WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)
Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6070 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aeca1edb610d Credits...
CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS
The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
PT-2024-37364 · WordPress · If-So Dynamic Content Personalization
Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization WordPress plugin versions prior to 1.8.0.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html...
CVE-2024-34820
Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...
CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...
CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...
CVE-2024-34820
CVE-2024-34820 : Missing Authorization vulnerability in the WordPress plugin If-So Dynamic Content Personalization (version range: n/a through 1.7.1). Multiple sources (e.g., Red Hat advisories, NVD/NVD detail) corroborate the same issue. The description specifies a broken/absent authorization co...
NVIDIA ChatRTX 安全漏洞
NVIDIA ChatRTX is a content personalization chatbot from NVIDIA Corporation. A security vulnerability exists in NVIDIA ChatRTX that stems from sensitive information being transmitted in clear text...
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield
With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational system...
WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin If-So Dynamic Content Personalization versions = 1.7.1...
WordPress If-So Dynamic Content Personalization Plugin <= 1.7.1 is vulnerable to Broken Access Control
Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34820 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e6c0da09a185 Credits...
Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data
In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform CDP...
CVE-2023-51492
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...