2 matches found
PT-2026-40850
The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.9. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...
Malicious code in wm-publish-statuses (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f430aea8d7a18e937f64643aad5fc19a42be349670f884f10161f667367d0483 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...