CVE-2021-4414

The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.5. This is due to missing or incorrect nonce validation on the wcalpreviewemails function. This makes it possible for unauthenticated attackers to generat...

PT-2016-6210 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.11.4 Foreman versions 1.12.x prior to 1.12.1 Description: The issue allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information. This is possible because...