kernel: net: sched: sch: Bounds check priority

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: net: sched: sch: Bounds check priority The Linux kernel CVE team has assigned CVE-2023-52734 to this issue...

WordPress Leadster Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Leadster Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47791 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6d346958cd11 Credits BuShiYue Required privileg...

WordPress Betheme Theme <= 27.1.1 is vulnerable to Broken Access Control

Software Betheme Type Theme Vulnerable versions = 27.1.1 Fixed in 27.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47770 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID f61160742341 Credits Rafie Muhammad Patchstack Required...

WordPress Footer Putter Plugin <= 1.17 is vulnerable to Cross Site Scripting (XSS)

Software Footer Putter Type Plugin Vulnerable versions = 1.17 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47768 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4553836a22ef Credits Le Ngoc Anh Required...

WordPress Welcart e-Commerce Plugin <= 2.9.4 is vulnerable to Arbitrary File Upload

Software Welcart e-Commerce Type Plugin Vulnerable versions = 2.9.4 Fixed in 2.9.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE N/A Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 876ec2065bf2 Credits WordFence Required privilege Subscriber Publish...

WordPress BSK Contact Form 7 Blacklist Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software BSK Contact Form 7 Blacklist Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5141 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bcd35c27eb27 Credits Enrico...

WordPress WP Fastest Cache Plugin < 1.2.2 is vulnerable to SQL Injection

Software WP Fastest Cache Type Plugin Vulnerable versions 1.2.2 Fixed in 1.2.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-6063 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 5011a3314981 Credits Alex Sanford Required privilege Unauthenticated...

WordPress miniorange otp verification Plugin <= 4.2.1 is vulnerable to Broken Access Control

Software miniorange otp verification Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47776 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 60649c9bd1ee Credits Abdi Pranat...

WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software LayerSlider Type Plugin Vulnerable versions = 7.7.9 Fixed in 7.7.10 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47785 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 32d010feaf90 Credits Rafie Muhammad...

WordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File Upload

Software Slider Revolution Type Plugin Vulnerable versions = 6.6.15 Fixed in 6.6.16 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-47784 Patch priority Low CVSS severity Low 8.4 Developer ThemePunch PSID 92c233355a76 Credits Rafie Muhammad Patchstack Required privile...

WordPress Thrive Theme Builder Theme < 3.24.0 is vulnerable to Broken Access Control

Software Thrive Theme Builder Type Theme Vulnerable versions 3.24.0 Fixed in 3.24.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47783 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID df9a83751ebc Credits Rafie Muhammad Patchsta...

WordPress EasyAzon Plugin <= 5.1.0 is vulnerable to Broken Access Control

Software EasyAzon Type Plugin Vulnerable versions = 5.1.0 Fixed in 5.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47780 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID bdc4e95fbc8c Credits Abdi Pranata Required privileg...

WordPress Permalinks Customizer Plugin <= 2.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Permalinks Customizer Type Plugin Vulnerable versions = 2.8.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47773 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 75025c824dd0 Credits Le Ngoc Anh Required privilege...

WordPress LuckyWP Scripts Control Plugin <= 1.2.1 is vulnerable to Broken Access Control

Software LuckyWP Scripts Control Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47778 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 0397d6dac11d Credits Abdi Pranata...

WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Scripting (XSS)

Software LayerSlider Type Plugin Vulnerable versions = 7.7.9 Fixed in 7.7.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47786 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID bc229172c2ce Credits Rafie Muhammad Patchstack Required...

WordPress ElementsKit Pro Plugin <= 3.3.0 is vulnerable to Broken Access Control

Software ElementsKit Pro Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.6.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-39993 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID b8963eeda442 Credits Rafie Muhammad Patchsta...

WordPress Simple 301 Redirects by BetterLinks Plugin <= 2.0.7 is vulnerable to Broken Access Control

Software Simple 301 Redirects by BetterLinks Type Plugin Vulnerable versions = 2.0.7 Fixed in 2.0.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47761 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 76b78ec76a84 Credits Abd...

WordPress Bus Ticket Booking with Seat Reservation Plugin <= 5.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Bus Ticket Booking with Seat Reservation Type Plugin Vulnerable versions = 5.2.5 Fixed in 5.2.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30496 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID cc34a3da3177...

WordPress Frontend File Manager Plugin < 22.6 is vulnerable to Arbitrary File Download

Software Frontend File Manager Type Plugin Vulnerable versions 22.6 Fixed in 22.6 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Download CVE CVE-2023-5105 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID 66e0e4c68ed0 Credits Dmitrii Ignatyev...

WordPress Essential Blocks for Gutenberg Plugin <= 4.2.0 is vulnerable to Broken Access Control

Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47760 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 34de2a2210b4 Credits Abdi...