WordPress Seo By 10Web Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Seo By 10Web Type Plugin Vulnerable versions = 1.2.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34375 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 68446366bf16 Credits Le Ngoc Anh Required...

WordPress ImageMapper Plugin <= 1.2.6 is vulnerable to Broken Access Control

Software ImageMapper Type Plugin Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5506 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 273249a3fdc4 Credits Lana Codes Required privilege...

WordPress Plugin Name: Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Plugin Name: Device Theme Switcher Type Plugin Vulnerable versions = 3.0.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47556 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f206c5d29e7d Credits...

WordPress Visitors Traffic Real Time Statistics Plugin <= 7.2 is vulnerable to Broken Access Control

Software Visitors Traffic Real Time Statistics Type Plugin Vulnerable versions = 7.2 Fixed in 7.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47557 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID a6e4049fb1e4 Credits...

WordPress WP Google My Business Auto Publish Plugin <= 3.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Google My Business Auto Publish Type Plugin Vulnerable versions = 3.7 Fixed in 3.8 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-47237 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 19fe6caa3a0c Credits...

WordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Crowdfunding Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47532 Patch priority High CVSS severity High 5.8 Developer Claim ownership PSID 6353d577e913 Credits Khalid Yusuf Required privilege...

WordPress Best Restaurant Menu by PriceListo Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Best Restaurant Menu by PriceListo Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.4.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47649 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 0e4095531d5c Credits...

WordPress Easy Social Icons Plugin <= 3.2.5 is vulnerable to Broken Access Control

Software Easy Social Icons Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-33998 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 69598c192853 Credits Nguyen Anh Tien Required...

WordPress TWB Woocommerce Reviews Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Software TWB Woocommerce Reviews Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47653 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a756ef9307fc Credits Emili Castells...

PT-2024-14720 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bounds checking issue in the Linux kernel's scheduling subsystem has been identified, where the priority index used to access clpriop was not explicitly bounds checked...

WordPress iPages Flipbook Plugin <= 1.4.8 is vulnerable to SQL Injection

Software iPages Flipbook Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.5.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-47236 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID ca6f53544a70 Credits Muhammad Daffa Required privilege Administrator...

WordPress MStore API Plugin <= 4.10.7 is vulnerable to Privilege Escalation

Software MStore API Type Plugin Vulnerable versions = 4.10.7 Fixed in 4.10.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-3277 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 30d740e716a7 Credits Truoc Phan ...

WordPress Defender Security Plugin <= 4.2.0 is vulnerable to Bypass Vulnerability

Software Defender Security Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-47189 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 9d721f7eb609 Credits Naveen Muthusamy Required...

WordPress Short URL Plugin <= 1.6.8 is vulnerable to Broken Access Control

Software Short URL Type Plugin Vulnerable versions = 1.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47225 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 80acb0670d7b Credits Abdi Pranata Required privilege...

WordPress Contact Forms by Cimatti Plugin <= 1.6.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Forms by Cimatti Type Plugin Vulnerable versions = 1.6.0 Fixed in 1.6.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47230 Patch priority Low CVSS severity Low 5.4 Developer Cimatti Consulting PSID 415f09b860a2 Credits thiennv...

WordPress WP Travel Plugin <= 7.8.0 is vulnerable to Broken Access Control

Software WP Travel Type Plugin Vulnerable versions = 7.8.0 Fixed in 7.8.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47224 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID bf6c5eaeacad Credits Mika Required privilege...

WordPress Animated Rotating Words Plugin <= 5.4 is vulnerable to Broken Access Control

Software Animated Rotating Words Type Plugin Vulnerable versions = 5.4 Fixed in 5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47187 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID ba5fbcda489d Credits Abdi Pranata Requir...

WordPress SEO Slider Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software SEO Slider Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5707 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 17821e38b317 Credits Lana Codes Required privilege...

WordPress Advance Menu Manager Plugin <= 3.0.6 is vulnerable to Broken Access Control

Software Advance Menu Manager Type Plugin Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4919cd67715f Credits WordFence Required privilege...

WordPress ChatBot Plugin 4.8.6-4.9.6 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions 4.8.6-4.9.6 Fixed in 4.9.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5606 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5c671cd5cf6e Credits Huynh Tien Si Required...