2 matches found
CVE-2021-25048
The KingComposer WordPress plugin through 2.9.6 does not have authorisation, CSRF and sanitisation/escaping when creating profile, allowing any authenticated users to create arbitrary ones, with Cross-Site Scripting payloads in them...
The vulnerability of the command-line interface of the Network Manager program, which is used to manage network connections, allows a attacker to gain access to confidential data.
The vulnerability of the nmcli command-line interface for managing network connections involves incorrect settings during the creation of a new profile. Exploiting this vulnerability allows an attacker to gain access to confidential data...