CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

CVE-2023-51354

Cross-Site Request Forgery CSRF vulnerability in WebbaPlugins Appointment & Event Booking Calendar Plugin – Webba Booking.This issue affects Appointment & Event Booking Calendar Plugin – Webba Booking: from n/a through 4.5.33...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

CVE-2023-51358

CVE-2023-51358 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Block IPs for Gravity Forms . Public records indicate it affects the Gravity Forms Block IPs feature up to version 1.0.1 , with patches applying in newer releases. The connected documents do not provide ex...

CVE-2023-51361

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button allows Stored XSS.This issue affects Sticky Chat Widget: Click to chat, SMS,...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button allows Stored XSS.This issue affects Sticky Chat Widget: Click to chat, SMS,...

CVE-2023-51361

Technical details (affected product/component, root cause, exploitability and fix) are not publicly provided in the supplied materials. Monitor for updates from official advisories and vendor notices.

CVE-2023-51361 WordPress Sticky Chat Widget Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button allows Stored XSS.This issue affects Sticky Chat Widget: Click to chat, SMS,...

PT-2023-31789 · Unknown · Bright Plugins Block Ips For Gravity Forms

Name of the Vulnerable Software and Affected Versions: Bright Plugins Block IPs for Gravity Forms versions 1.0.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed. This can be exploited by tricking a user into...

CVE-2023-50845

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or...

CVE-2023-50845

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or...

CVE-2023-50857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...

WordPress Events Shortcodes & Templates For The Events Calendar Plugin <= 2.3.1 is vulnerable to SQL Injection

Software Events Shortcodes & Templates For The Events Calendar Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-52142 Patch priority Low CVSS severity Low 7.6 Developer Cool Plugins PSID f41586200b0e Credits Muhammad Daffa...

SUSE SLES12: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4972-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4972-1 advisory. - CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215792. Tenable has extracted the preceding description block direct...

SUSE: Security Advisory (SUSE-SU-2023:4972-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4972-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: - CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215792...

WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF)

Software Webba Booking Type Plugin Vulnerable versions = 4.5.33 Fixed in 5.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51354 Patch priority Low CVSS severity Low 4.3 Developer Webba Plugins PSID a11b85f9cf3e Credits Skalucy Required privile...

SUSE: Security Advisory (SUSE-SU-2023:4971-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for mingw-gstreamer1-plugins-good (FEDORA-2023-0984b63b23)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...