Lucene search
K

144 matches found

CNNVD
CNNVD
added 2024/11/16 12:0 a.m.3 views

WordPress plugin Advanced Personalization 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS8.3AI score0.00509EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/16 12:0 a.m.4 views

PT-2024-35251 · Unknown · Flowcraft Ux Design Studio

Name of the Vulnerable Software and Affected Versions: Flowcraft UX Design Studio Advanced Personalization versions from n/a through 1.1.2 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This problem affects the Advanced Personalization...

9.8CVSS9.5AI score0.00509EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/11/13 9:21 a.m.5 views

WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Advanced Personalization versions = 1.1.2...

9.8CVSS7.3AI score0.00509EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.10 views

WordPress Advanced Personalization Plugin <= 1.1.2 is vulnerable to PHP Object Injection

Software Advanced Personalization Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52411 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2cda7f7032dc Credits Bonds Required privilege...

9.8CVSS7.2AI score0.00509EPSS
Exploits0References1Affected Software1
Citrix
Citrix
added 2024/11/02 12:0 a.m.10 views

New Teams Deployment Guidance for App Layering or User Personalization Layer(UPL)

Microsoft Teams 2.x has changed its installation method and now installs under C:\Program Files\WindowsApps. Based on those changes this article provides the specific steps for the deployment of the Teams 2.x in an App LayeringAL or User Personalization LayerUPL environment. For the most current...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/08/16 12:0 a.m.8 views

The vulnerability of the Personalization component of the Oracle Applications Framework, a web application development platform, within the Oracle E-Business Suite, allows an intruder to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Personalization component of the Oracle Applications Framework, a platform for developing web applications in enterprise automation systems within the Oracle E-Business Suite, is related to improper authentication. Exploiting this vulnerability allows an attacker to gain...

5.5CVSS7.4AI score0.00313EPSS
Exploits0References3Affected Software2
Patchstack
Patchstack
added 2024/07/15 2:59 a.m.4 views

WordPress if-so plugin < 1.8.0.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin If-So Dynamic Content Personalization versions 1.8.0.4...

4.8CVSS6.1AI score0.00374EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.14 views

WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6070 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aeca1edb610d Credits...

4.8CVSS5.8AI score0.00374EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/13 6:0 a.m.11 views

CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.4AI score0.00353EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/07/13 12:0 a.m.4 views

PT-2024-37364 · WordPress · If-So Dynamic Content Personalization

Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization WordPress plugin versions prior to 1.8.0.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html...

4.8CVSS5.5AI score0.00374EPSS
Exploits1References5
NVD
NVD
added 2024/06/11 3:16 p.m.54 views

CVE-2024-34820

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

6.5CVSS0.00437EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/11 2:57 p.m.15 views

CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

6.5CVSS6.9AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/11 2:57 p.m.59 views

CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

6.5CVSS0.00437EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 2:57 p.m.61 views

CVE-2024-34820

CVE-2024-34820 : Missing Authorization vulnerability in the WordPress plugin If-So Dynamic Content Personalization (version range: n/a through 1.7.1). Multiple sources (e.g., Red Hat advisories, NVD/NVD detail) corroborate the same issue. The description specifies a broken/absent authorization co...

6.5CVSS6.8AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.26 views

NVIDIA ChatRTX 安全漏洞

NVIDIA ChatRTX is a content personalization chatbot from NVIDIA Corporation. A security vulnerability exists in NVIDIA ChatRTX that stems from sensitive information being transmitted in clear text...

5.5CVSS6.4AI score0.00151EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/05/13 12:6 p.m.16 views

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational system...

7.2AI score
Exploits0
Patchstack
Patchstack
added 2024/05/09 2:25 p.m.5 views

WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin If-So Dynamic Content Personalization versions = 1.7.1...

6.5CVSS7AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/05/09 12:0 a.m.16 views

WordPress If-So Dynamic Content Personalization Plugin <= 1.7.1 is vulnerable to Broken Access Control

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34820 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e6c0da09a185 Credits...

6.5CVSS6.5AI score0.00437EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2024/02/28 12:2 p.m.26 views

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data

In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform CDP...

6.9AI score
Exploits0
NVD
NVD
added 2024/02/10 9:15 a.m.44 views

CVE-2023-51492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...

6.5CVSS6.4AI score0.00328EPSS
Exploits0References1
Rows per page
Query Builder