
6228 matches found

Patchstack
added 2024/09/23 6:10 p.m., 5 views

WordPress Kodex Posts likes plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin Kodex Posts likes versions <= 2.5.0...

5.9 CVSS, 6.1 AI score, 0.00251 EPSS
Exploits 0, Affected Software 1

Patchstack
added 2024/09/23 12:0 a.m., 11 views

WordPress Kodex Posts likes Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS)

Software: Kodex Posts likes; Type: Plugin; Vulnerable versions: <= 2.5.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-44036; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: a36dce24013f; Credits: SOPROBRO; Required privilege...

5.9 CVSS, 6.5 AI score, 0.00251 EPSS
Exploits 0, References 1, Affected Software 1

Patchstack
added 2024/09/17 10:5 a.m., 3 views

WordPress Posts reminder plugin <= 0.20 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Posts reminder versions <= 0.20...

6.5 CVSS, 7 AI score, 0.00178 EPSS
Exploits 1, References 1, Affected Software 1

NVD
added 2024/09/17 6:15 a.m., 23 views

CVE-2024-8093

The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.5 CVSS, 0.00178 EPSS
Exploits 1, References 1

OSV
added 2024/09/17 6:15 a.m., 3 views

CVE-2024-8093

The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.5 CVSS, 5.8 AI score, 0.00178 EPSS
Exploits 1, References 1

Cvelist
added 2024/09/17 6:0 a.m., 29 views

CVE-2024-8093 Posts reminder <= 0.20 - Settings Update via CSRF

The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

0.00178 EPSS
Exploits 1, References 1

Vulnrichment
added 2024/09/17 6:0 a.m., 11 views

CVE-2024-8093 Posts reminder <= 0.20 - Settings Update via CSRF

The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.8 AI score, 0.00178 EPSS
Exploits 1, References 1

CNNVD
added 2024/09/17 12:0 a.m., 3 views

WordPress plugin Posts reminder security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. Woocommerce is one of the e-commerce plugins. WordPress plugin is an application plugin...

6.5 CVSS, 6.6 AI score, 0.00178 EPSS
Exploits 1, References 2

Patchstack
added 2024/09/17 12:0 a.m., 11 views

WordPress Posts reminder Plugin <= 0.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Posts reminder; Type: Plugin; Vulnerable versions: <= 0.20; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-8093; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: f49f52b3e7c5; Credits: Daniel Ruf; Required...

6.5 CVSS, 6.7 AI score, 0.00178 EPSS
Exploits 1, References 3, Affected Software 1

RedHat Linux
added 2024/09/12 3:5 p.m., 3 views

netty-codec-http: Allocation of Resources Without Limits or Throttling

A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until ...

5.3 CVSS, 7.2 AI score, 0.0138 EPSS
Exploits 1, References 8

Circl
added 2024/09/12 10:8 a.m., 7 views

CVE-2024-6678

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-12 10:08:54+00:00 | seen | https://t.me/HackingInsights/12852 |
| 2024-09-12 15:18:20+00:00 | seen | https://t.me/BleepingComputer/20662 |
| 2024-09-12 18:47:39+00:00 | seen | https://t.me/thehackernews/5573 |
| 2024-09-12 18:59:10+00:00 | seen | ... |

9.9 CVSS, 7.5 AI score, 0.01989 EPSS
Exploits 1, References 14

Circl
added 2024/09/11 5:0 p.m., 9 views

CVE-2024-27115

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-11 17:00:52+00:00 | seen | https://t.me/cvedetector/5359 |
| 2025-01-20 21:02:11+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lg7ad6kcpm2d |
| 2025-02-10 21:01:59+00:00 | seen | ... |

10 CVSS, 5.8 AI score, 0.0459 EPSS
Exploits 0, References 4

Circl
added 2024/09/10 5:25 p.m., 16 views

CVE-2024-43461

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review |
| 2024-09-10 20:06:31+00:00 | seen | https://t.me/cvedetector/5292 |
| 2024-09-11 04:00:00+00:00 | seen | ... |

8.8 CVSS, 7.4 AI score, 0.52164 EPSS
Exploits 0, References 19

OSV
added 2024/09/05 7:14 p.m., 8 views

BIT-MATTERMOST-2024-41144

Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly validate synced posts, when shared channels are enabled, which allows a malicious remote to create/update/delete arbitrary posts in arbitrary channels...

7.1 CVSS, 6 AI score, 0.00362 EPSS
Exploits 0, References 2

Circl
added 2024/09/05 3:39 p.m., 7 views

CVE-2023-36756

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-05 15:39:37+00:00 | seen | https://www.thezdi.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty |
| 2024-09-12 15:00:00+00:00 | seen | ... |

8 CVSS, 6.8 AI score, 0.74671 EPSS
Exploits 0, References 3

Circl
added 2024/09/05 2:18 p.m., 19 views

CVE-2024-44000

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-05 14:18:45+00:00 | published-proof-of-concept | https://t.me/WARLOCKDARKARMYOFFICIALS/4554 |
| 2024-09-05 16:31:47+00:00 | published-proof-of-concept | Telegram/iqzr0evsZIMMy3NnASIGxZl2nBENTlvbGPIFKVphLoM3UsM |
| 2024-09-06 03:57:32+00:00 | ... | |

9.8 CVSS, 7.5 AI score, 0.83178 EPSS
Exploits 7, References 20

OSV
added 2024/09/05 7:15 a.m., 6 views

CVE-2024-6835

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.5.6 via the ajax_load_posts function. This makes it possible for unauthenticated attackers to extract text data from password-protected posts using the...

5.3 CVSS, 5.8 AI score, 0.00529 EPSS
Exploits 0, References 4

CVE
added 2024/09/05 6:41 a.m., 47 views

CVE-2024-6835

CVE-2024-6835 affects Ivory Search – WordPress Search Plugin, with information exposure in the ajax_load_posts path affecting all versions up to 5.5.6. Unauthenticated attackers could extract text from password-protected posts via a boolean-based attack on the AJAX search form. Public reviews/ent...

5.3 CVSS, 5.6 AI score, 0.00529 EPSS
Exploits 0, References 4, Affected Software 1

Circl
added 2024/09/04 8:15 p.m., 19 views

CVE-2024-20440

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-04 20:15:50+00:00 | seen | https://t.me/cvedetector/4824 |
| 2024-09-05 06:52:28+00:00 | seen | https://t.me/thehackernews/5522 |
| 2024-09-05 07:07:50+00:00 | seen | https://t.me/CyberBulletin/551 |
| 2024-09-05 09:27:20+00:00 | seen | ... |

7.5 CVSS, 7.5 AI score, 0.51466 EPSS
In wild, Exploits 0, References 40

Circl
added 2024/09/04 7:25 p.m., 11 views

CVE-2024-43405

| creationtimestamp | type | source |
|---|---|---|
| 2024-09-04 19:25:35+00:00 | seen | https://t.me/cvedetector/4815 |
| 2025-01-03 15:30:05+00:00 | seen | https://bsky.app/profile/wizsecurity.bsky.social/post/3letvtvrric2i |
| 2025-01-03 15:46:37+00:00 | seen | ... |

7.8 CVSS, 7.4 AI score, 0.01118 EPSS
Exploits 0, References 19