WordPress Mooberry Book Manager Plugin <= 4.15.12 is vulnerable to Sensitive Data Exposure

Software Mooberry Book Manager Type Plugin Vulnerable versions = 4.15.12 Fixed in 4.15.13 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-34368 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8048e91588cf Credits Steven Julian...

WordPress ShopLentor Plugin <= 2.8.7 is vulnerable to Cross Site Scripting (XSS)

Software ShopLentor Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3991 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b56a67a53737 Credits stealthcopter Required...

WordPress Robo Gallery Plugin <= 3.2.18 is vulnerable to Sensitive Data Exposure

Software Robo Gallery Type Plugin Vulnerable versions = 3.2.18 Fixed in 3.2.19 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-34382 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fc1d04a11044 Credits Peng Zhou Required privilege...

WordPress Modal Window Plugin < 5.3.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software Modal Window Type Plugin Vulnerable versions 5.3.10 Fixed in 5.3.10 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3472 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9d7096a40943 Credits Bob Matyas Required...

WordPress Counter Box Plugin < 1.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Counter Box Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3481 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 8cd9da8dd3bb Credits Bob Matyas Required...

WordPress Popup Box Plugin < 2.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Popup Box Type Plugin Vulnerable versions 2.2.7 Fixed in 2.2.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3477 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d1f8f6b4cec4 Credits Bob Matyas Required privileg...

WordPress WP Recipe Maker Plugin <= 9.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Recipe Maker Type Plugin Vulnerable versions = 9.3.1 Fixed in 9.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3490 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5ee8e6ab9022 Credits stealthcopter Required...

WordPress Supreme Modules Lite Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Supreme Modules Lite Type Plugin Vulnerable versions = 2.5.3 Fixed in 2.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4334 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID db7cdff0f72f Credits Webbernaut Required...

WordPress Float menu Plugin < 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Float menu Type Plugin Vulnerable versions 6.0.1 Fixed in 6.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2405 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 80605a5ac1fe Credits Erwan LR WPScan Required...

WordPress Side Menu Lite Plugin < 4.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Side Menu Lite Type Plugin Vulnerable versions 4.2.1 Fixed in 4.2.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3476 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 570b701cebb0 Credits Bob Matyas Required...

WordPress Sticky Buttons Plugin < 3.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sticky Buttons Type Plugin Vulnerable versions 3.2.4 Fixed in 3.2.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3475 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c9f456e279d5 Credits Bob Matyas Required...

DEBIAN-CVE-2024-26937

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete befo...

UBUNTU-CVE-2024-26937

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete befo...

CVE-2024-26937

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete befo...

CVE-2024-26937 drm/i915/gt: Reset queue_priority_hint on parking

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete befo...

WordPress All-in-One Video Gallery Plugin <= 3.6.4 is vulnerable to Arbitrary File Upload

Software All-in-One Video Gallery Type Plugin Vulnerable versions = 3.6.4 Fixed in 3.6.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-4033 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID cfa484cd1cd9 Credits stealthcopter Required...

kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

WordPress MailerLite – Signup forms Plugin <= 1.7.6 is vulnerable to Broken Access Control

Software MailerLite – Signup forms Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2797 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d779eba11e1c Credits Krzysztof Zając...

WordPress Where Did You Hear About Us Checkout Field for WooCommerce Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Where Did You Hear About Us Checkout Field for WooCommerce Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2752 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...