CVE-2023-35089

Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin = 8.0.7 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin = 8.0.7 versions...

The vulnerability of the Bad plugin (gst-plugins-bad) in the Gstreamer multimedia framework allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the Bad gst-plugins-bad plugin in the Gstreamer multimedia framework is related to insufficient protection of service data due to the absence of security updates on the remote host. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 3, 2023 to July 9, 2023)

Last week, there were 61 vulnerabilities disclosed in 54 WordPress Plugins and 1 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 28 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities i...

[SECURITY] Fedora 38 Update: mingw-nsis-3.09-1.fc38

NSIS, the Nullsoft Scriptable Install System, is a script-driven Windows installation system. This package includes native Fedora binaries of makensis etc. and all plugins...

com.groupon.jenkins-ci.plugins:DotCi (>=2.8.9 <=2.40.00), com.groupon.jenkins-ci.plugins:DotCi-Fig-template (=1.1.0) +5 more potentially affected by CVE-2023-37954 via com.sonyericsson.hudson.plugins.rebuild:rebuild (>=1.16 <=1.25)

com.sonyericsson.hudson.plugins.rebuild:rebuild MAVEN version =1.16, =2.8.9, =1.1.3, =1.7.2, =1.1.2, =1.0.0, =1.1.2 - hudson.plugins:project-inheritance =2.0.0 Source cves: CVE-2023-37954 Source advisory: OSV:GHSA-5R5C-7RM4-MP4R...

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +135 more potentially affected by CVE-2023-36543 via apache-airflow (>=1.8.2 <=2.5.3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-36543 Source advisory: OSV:GHSA-3H4M-M55V-GX4M...

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +135 more potentially affected by CVE-2023-35908 via apache-airflow (>=1.8.2 <=2.5.3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-35908 Source advisory: OSV:PYSEC-2023-119...

CVE-2023-23897

Cross-Site Request Forgery CSRF vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin = 1.7.2 versions...

CVE-2023-23897

Cross-Site Request Forgery CSRF vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin = 1.7.2 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin = 1.7.2 versions...

CVE-2023-23897 WordPress Simple Mobile URL Redirect Plugin <= 1.7.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin = 1.7.2 versions...

CVE-2023-23897 WordPress Simple Mobile URL Redirect Plugin <= 1.7.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin = 1.7.2 versions...

CVE-2023-23897

Ozette Plugins Simple Mobile URL Redirect (WordPress) is vulnerable to Cross-Site Forgery Request (CSRF) in versions

Arbitrary command execution on Windows

Description Opening files from an untrusted directory can lead to execution of arbitrary commands on Windows systems, this is possible by having a malicious file with the same name as a trusted executable, Windows gives priority to the current directory when searching for executables. Several...

Multiple Plugins from Addify - Multiple CSRF

The plugins have flawed CSRF checks in various places, which could allow attackers to make logged in users perform unwanted actions PoC addify-order-approval-woocommerce - To make a logged in admin approve the order with ID 103...

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41044 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)

org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41044 Source advisory: OSV:GHSA-2Q4P-F6GF-MQR5...

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41045 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)

org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41045 Source advisory: OSV:GHSA-G96C-X7RH-99R3...

com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=5.0.0) +12 more potentially affected by CVE-2023-41045 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=5.0.8)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2023-41045 Source advisory: OSV:GHSA-G96C-X7RH-99R3...

com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=5.0.0) +12 more potentially affected by CVE-2023-41041 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=5.0.8)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2023-41041 Source advisory: OSV:GHSA-3FQM-FRHG-7C85...