CVE-2024-4873

The Replace Image plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.10 via the image replacement functionality due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level...

CVE-2024-4873 Replace Image <= 1.1.10 - Insecure Direct Object Reference

The Replace Image plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.10 via the image replacement functionality due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level...

WordPress plugin Replace Image security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Replace Image plugin <= 1.1.10 - Authenticated Insecure Direct Object Reference vulnerability

Authenticated Insecure Direct Object Reference vulnerability discovered by Jin Hao Chan in WordPress Plugin Replace Image versions = 1.1.10...

WordPress Replace Image Plugin <= 1.1.10 is vulnerable to Broken Access Control

Software Replace Image Type Plugin Vulnerable versions = 1.1.10 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4873 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 262021d9f7c1 Credits Jin Hao Chan Required privilege...

OESA-2024-1717 mozjs78 security update

SpiderMonkey JavaScript library Security Fixes: In the codensTArrayImpl::ReplaceElementsAt/code function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and...

PT-2024-21687 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue allows an attacker to remotely compromise any Toshiba printer, enabling them to replace programs with malicious ones. This can be done by any local or remote attacker...

WordPress Search & Replace plugin < 3.2.2 - Admin+ SQL injection vulnerability

Admin+ SQL injection vulnerability discovered by Krugov Artyom in WordPress Plugin Search & Replace versions 3.2.2...

CVE-2024-4145

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network...

CVE-2024-4145

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network...

CVE-2024-4145 Search & Replace < 3.2.2 - Admin+ SQL injection

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network...

CVE-2024-4145 Search & Replace < 3.2.2 - Admin+ SQL injection

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network...

WordPress Search & Replace Plugin < 3.2.2 is vulnerable to SQL Injection

Software Search & Replace Type Plugin Vulnerable versions 3.2.2 Fixed in 3.2.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4145 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 279ec626c422 Credits Krugov Artyom Required privilege Administrator...

WordPress plugin Search & Replace security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

How to Configure Veeam Kasten for Kubernetes Dashboard to Use a New Certificate

Purpose This article documents how to troubleshoot and replace the certificate used by the Veeam Kasten for Kubernetes Dashboard. Scenario Example The Veeam Kasten for Kubernetes Dashboard becomes inaccessible due to an expired certificate, resulting in an HTTP ERROR 401 , indicating a lack of...

SUSE CVE-2021-47433

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...

[SECURITY] Fedora 40 Update: rust-sd-1.0.0-2.fc40

Intuitive find & replace CLI. Painless regular expressions sd uses regex syntax that you already know from JavaScript and Python. Forget about dealing with quirks of sed or awk - get productive immediately. String-literal mode Non-regex find & replace. No more backslashes or remembering which...

Search & Replace < 3.2.2 - Admin+ SQL injection

Description The plugin does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network. 1. Go to the Tools parameter 2. Select Search & Replace 3. Click "Do Search & Replace" 4. Change the parameters...

DEBIAN-CVE-2021-47433

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an abort logic error in btrfsreplacefileextents...