WordPress plugin Push Notification for Post and BuddyPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-1834 · WordPress · Push Notification For Post/Buddypress

Name of the Vulnerable Software and Affected Versions: Push Notification for Post and BuddyPress plugin for WordPress versions up to, and including, 2.06 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows...

CVE-2024-13253

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0...

CVE-2024-13253 Advanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0...

CVE-2024-13253 Advanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0...

Drupal Advanced PWA inc Push Notifications 安全漏洞

Drupal Advanced PWA inc Push Notifications is an advanced Progressive Web Application PWA extension module for Drupal websites from the Drupal community. A security vulnerability exists in Drupal Advanced PWA inc Push Notifications prior to version 1.5.0, which stems from the inclusion of an...

SUSE CVE-2024-5594

OpenVPN before 2.6.11 does not santize PUSHREPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs...

ALPINE-CVE-2024-5594

OpenVPN before 2.6.11 does not santize PUSHREPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs...

DEBIAN-CVE-2024-5594

OpenVPN before 2.6.11 does not santize PUSHREPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs...

PT-2025-30810

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a fence leak could occur in the submit error path within the drm/msm subsystem. In error scenarios, a submit operation might be unreferenced...

PT-2025-30873

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ATM CLIP module, specifically within the clip push function. A recursive call can occur under certain conditions, potentially leading to ...

AZL-54917 CVE-2024-56643 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...

DEBIAN-CVE-2024-56643

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...

UBUNTU-CVE-2024-56643

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...

PT-2024-34399 · Unknown · Smart Agent

Name of the Vulnerable Software and Affected Versions: Smart Agent version 1.1.0 Description: The issue allows a remote attacker to execute arbitrary code via the id parameter in the "/sendPushManually.php" component. This is a SQL injection vulnerability that can be exploited to run arbitrary...

CVE-2024-11811

The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'storeurl' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2024-11811 Feedify – Web Push Notifications <= 2.4.2 - Reflected Cross-Site Scripting

The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'storeurl' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2024-11811

The CVE CVE-2024-11811 affects the Feedify – Web Push Notifications WordPress plugin. It allows Reflected Cross-Site Scripting via parameters platform, phone, email, and store_url in all versions up to 2.4.2 due to insufficient input sanitization and output escaping. The vulnerability enables una...

WordPress Feedify – Web Push Notifications plugin <= 2.4.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Feedify – Web Push Notifications versions = 2.4.2...

WordPress plugin Feedify – Web Push Notifications 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...