Enhanced SSO Feature does not work. Applications fail to launch on Windows 11 devices.

After setting up Enhanced SSO according to https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/domain-passthrough-for-single-sign-on , it doesn't work. When trying to launch an application, nothing happens. When using traditional SSO using the old SSONVR.exe mechanism, there is no issu...

CVE-2023-48273

CVE-2023-48273 affects the WordPress plugin Preloader for Website (version

CVE-2023-52224

CVE-2023-52224 affects the WordPress plugin Revolut Gateway for WooCommerce (

CVE-2023-51682

CVE-2023-51682 : Missing Authorization vulnerability in MC4WP (Mailchimp for WordPress) affecting MC4WP

CVE-2024-24703

CVE-2024-24703 is a Broken Access Control vulnerability in MultiVendorX Marketplace (WooCommerce). The issue arises from a missing authorization check that permits unauthenticated actors to perform data-modifying actions on the WC Marketplace <= 4.0.25. PatchStack lists the vulnerable versions...

CVE-2023-51498

CVE-2023-51498 is a Missing Authorization vulnerability (Broken Access Control) in the WordPress plugin WooCommerce Canada Post Shipping , affecting versions up to 2.8.3. The connected Red Hat advisory notes the issue and confirms a patch is available (patched). No exploit details are provided in...

CVE-2023-52217

CVE-2023-52217 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin “WooCommerce Conversion Tracking.” Affected are versions up to 2.0.11; the issue stems from missing authorization controls in the plugin’s operations. The CVE entry notes a patch is available i...

CWA - Multimonitor -Session resolution on external displays is not in sync

Issue seen with multiple external monitors via docking stations. When session is spanned across all the screens, the resolutions on either side are not in sync and there is a disjointed black section in the middle. Also, the mouse control seems slightly off. As a workaround use the desktop is...

CVE-2024-22296

CVE-2024-22296 corresponds to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin 12 Step Meeting List. Public records show affected versions are 3.14.28 and earlier, with exploitation potential via an unauthenticated or improperly authorized access to the plugin...

CVE-2024-21751

CVE-2024-21751 concerns the WordPress plugin RabbitLoader up to version 2.19.13, where multiple AJAX actions lack proper authorization checks, allowing authenticated users with subscriber-level access and above to modify data (e.g., purge site cache or switch caching modes) without permission. Th...

CVE-2024-25929

CVE-2024-25929: WordPress plugin Product Catalog Enquiry for WooCommerce by MultiVendorX

CVE-2024-25092

CVE-2024-25092 is a Missing Authorization vulnerability in WordPress NextMove Lite (XLPlugins NextMove Lite) affecting all versions through 2.17.0. An authenticated user with subscriber-level privileges or higher can install and activate arbitrary plugins due to a missing capability check (xl_add...

CVE-2024-24716

Technical details about CVE-2024-24716 (Awesome Support Missing Authorization) are not publicly provided in the connected documents. No exploit, affected versions beyond 6.1.6, or remediation specifics are given. Monitor vendor advisories for updates.

CVE-2023-34003

CVE-2023-34003 affects the WooCommerce Box Office plugin (versions

CVE-2023-52232

CVE-2023-52232 : Booster Plus for WooCommerce (WordPress) prior to 7.1.2 has a Missing Authorization vulnerability (root cause: missing capability check) that allows an authenticated attacker to delete arbitrary posts/pages. Documented in Patchstack as Arbitrary Content Deletion with subscriber-l...

CVE-2024-22151

CVE-2024-22151 affects WordPress plugin Import and export users and customers (Codection) up to version 1.24.6, due to Missing Authorization via the fire_cron REST endpoint. Unauthenticated access could trigger plugin cron functionality; CVSS 3.1 base score listed as 5.3 (Medium). Connected sourc...

CVE-2022-35718

CVE-2022-35718 affects IBM Sterling Partner Engagement Manager. The IBM bulletin states that the product stores sensitive information in URL parameters, which can be disclosed to unauthorized parties via server logs, referrer headers, or browser history. Affected versions: IBM Sterling Partner En...

CVE-2024-0444

CVE-2024-0444 concerns GStreamer and its AV1 parsing path. The flaw is a stack-based buffer overflow in the AV1 tile-list data parsing, caused by insufficient validation of the length of user-supplied data before copying to a fixed-size stack buffer. Exploitation can lead to remote arbitrary code...

CVE-2023-50804

CVE-2023-50804 concerns Samsung baseband/modem software in Exynos devices where NAS (Non-Access‑Stratum) format type checking is insufficient, enabling authentication bypass in the baseband stack. The issue affects multiple Exynos SoCs (e.g., Exynos 9820/9825/980/990/850/1080/2100/2200/1280/1380/...

CVE-2024-25095

CVE-2024-25095 affects WordPress plugin Easy Forms for Mailchimp (