WordPress WordPress Team Members – GS Plugins Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Team Members – GS Plugins Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 74a732ebddc0 Credits Unknown Requir...

Ashe Extra <= 1.2.9 - Subscriber+ Companion Plugin Activation & Content Import

Description The plugin does not have authorisation in various AJAX actions, allowing any authenticated user, such as subscribers to call them, and activate companion plugins as well as import content...

CVE-2023-47814

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Waterloo Plugins BMI Calculator Plugin plugin = 1.0.3 versions...

CVE-2023-47814

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Waterloo Plugins BMI Calculator Plugin plugin = 1.0.3 versions...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Waterloo Plugins BMI Calculator Plugin plugin = 1.0.3 versions...

CVE-2023-47814

CVE-2023-47814 corresponds to the BMI Calculator Plugin for WordPress (Waterloo Plugins) ≤ 1.0.3, with an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Public exploit details are not provided in the...

CVE-2023-27461

Cross-Site Request Forgery CSRF vulnerability in Yoohoo Plugins When Last Login plugin = 1.2.1 versions...

CVE-2023-27461

Cross-Site Request Forgery CSRF vulnerability in Yoohoo Plugins When Last Login plugin = 1.2.1 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Yoohoo Plugins When Last Login plugin = 1.2.1 versions...

CVE-2023-27461

CVE-2023-27461 is a CSRF vulnerability in the WordPress plugin When Last Login (

CVE-2023-27461 WordPress When Last Login Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Yoohoo Plugins When Last Login plugin = 1.2.1 versions...

PT-2023-30624 · Waterloo Plugins · Waterloo Plugins Bmi Calculator Plugin

Name of the Vulnerable Software and Affected Versions: Waterloo Plugins BMI Calculator Plugin versions 1.0.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. Recommendations: For versions 1.0.3 an...

The vulnerability of the EventOn Lite and EventON plugins of the WordPress content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the EventOn Lite and EventON plugins of the WordPress content management system is related to a processing error in authentication keys controlled by users. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

Debian DSA-5560-1 : strongswan - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5560 advisory. Florian Picca reported a bug in the charon-tkm daemon in strongSwan an IKE/IPsec suite. The TKM-backed version of the charon IKE daemon charon-tkm doesn't check the...

[SECURITY] Fedora 39 Update: gstreamer1-plugins-good-1.22.7-1.fc39

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

Fedora: Security Advisory for gstreamer1-plugins-base (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for gstreamer1-plugins-ugly-free (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for gstreamer1-plugins-bad-free (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

container-tools:4.0 security and bug fix update

buildah 1:1.24.6-7 - rebuild for CVE-2023-29406 - Related: 2176055 1:1.24.6-6 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400 - Resolves: 2179943 - Resolves: 2187341 - Resolves:...