1208 matches found

CVE
added 2024/01/11 8:32 a.m., 87 views

CVE-2023-6737

CVE-2023-6737 affects the WordPress plugin Enable Media Replace (all versions up to and including 4.1.4). It enables Reflected Cross-Site Scripting via the SHORTPIXEL_DEBUG parameter due to insufficient input sanitization and escaping. Exploitation requires an attacker to craft a payload that run...

CVSS 6.1, AI score 6.2, EPSS 0.04624
Exploits 0, References 2, Affected Software 1

Positive Technologies
added 2024/01/11 12:0 a.m., 3 views

PT-2024-15068 · WordPress · Enable Media Replace

Name of the Vulnerable Software and Affected Versions: Enable Media Replace plugin for WordPress versions up to, and including, 4.1.4 Description: The issue allows for Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping via the SHORTPIXEL DEBUG parameter. Thi...

CVSS 6.1, AI score 6.3, EPSS 0.04624
Exploits 0, References 5

CNNVD
added 2024/01/11 12:0 a.m., 1 views

WordPress Plugin Enable Media Replace Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 6.1, AI score 6.1, EPSS 0.04624
Exploits 0, References 3

OSV
added 2023/12/19 1:15 a.m., 1 views

CVE-2023-44982

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina. This issue affects Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina: from n/a through 6.4.5...

CVSS 7.5, AI score 7.3
Exploits 0, References 1

NVD
added 2023/12/19 1:15 a.m., 7 views

CVE-2023-44982

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina. This issue affects Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina: from n/a through 6.4.5...

CVSS 7.5, EPSS 0.12906
Exploits 0, References 1

Prion
added 2023/12/19 1:15 a.m., 13 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina. This issue affects Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina: from n/a through 6.4.5...

CVSS 5, AI score 7.1, EPSS 0.12906
Exploits 0, References 1, Affected Software 1

Cvelist
added 2023/12/19 12:3 a.m., 16 views

CVE-2023-44982 WordPress WP Retina 2x Plugin <= 6.4.5 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina. This issue affects Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina: from n/a through 6.4.5...

CVSS 5.3, AI score 7.7, EPSS 0.12906
Exploits 0, References 1

Tenable Nessus
added 2023/12/16 12:0 a.m., 27 views

Fedora 39 : vim (2023-3fbd936b15)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3fbd936b15 advisory. The newest upstream commit Security fixes for CVE-2023-48706, CVE-2023-46246 Tenable has extracted the preceding description block directly from the...

CVSS 5.5, AI score 6.5, EPSS 0.00132
Exploits 2, References 3

Patchstack
added 2023/12/14 12:0 a.m., 15 views

WordPress Enable Media Replace Plugin <= 4.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Enable Media Replace Type Plugin Vulnerable versions = 4.1.4 Fixed in 4.1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-6737 Patch priority Medium CVSS severity Medium 7.1 Developer ShortPixel PSID 6b527c26ad78 Credits Nex Team Required privilege...

CVSS 6.1, AI score 6.5, EPSS 0.04624
Exploits 0, References 4, Affected Software 1

Positive Technologies
added 2023/12/14 12:0 a.m., 1 views

PT-2023-35643 · Php · Php

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 1. The crash state involves several functions: pcre get compiled regex cac...

AI score 6.9
Exploits 0, References 2

RedHat Linux
added 2023/12/07 8:26 a.m., 0 views

postgresql: Extension scripts replace objects not belonging to the extension.

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...

CVSS 8, AI score 6.9, EPSS 0.00973
Exploits 0, References 5

RedHat Linux
added 2023/12/07 8:26 a.m., 0 views

postgresql: Extension scripts replace objects not belonging to the extension.

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...

CVSS 8, AI score 6.9, EPSS 0.00973
Exploits 0, References 5

RedHat Linux
added 2023/11/29 2:18 p.m., 0 views

postgresql: Extension scripts replace objects not belonging to the extension.

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...

CVSS 8, AI score 6.9, EPSS 0.00973
Exploits 0, References 5

Tenable Nessus
added 2023/11/29 12:0 a.m., 30 views

Vim < 9.0.2121

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVSS 4.7, AI score 6.7, EPSS 0.00132
Exploits 1, References 2

SUSE CVE
added 2023/11/24 2:0 a.m., 2 views

SUSE CVE-2023-48706

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVSS 3.6, AI score 7.2, EPSS 0.00132
Exploits 1, References 6

RedhatCVE
added 2023/11/23 1:26 a.m., 35 views

CVE-2023-48706

A heap use-after-free flaw was found in the vim package. When executing a :s command for the first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes memory to be freed, which may later then be accessed by the initial :s comman...

CVSS 4.7, AI score 4.2, EPSS 0.00132
Exploits 1, References 5

OSV
added 2023/11/22 10:15 p.m., 4 views

AZL-32047 CVE-2023-48706 affecting package vim for versions less than 9.0.2121-1

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVSS 4.7, AI score 6.6, EPSS 0.00132
Exploits 1, References 1

OSV
added 2023/11/22 10:15 p.m., 1 views

ALPINE-CVE-2023-48706

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVSS 4.7, AI score 7.1, EPSS 0.00132
Exploits 1, References 1

OSV
added 2023/11/22 10:15 p.m., 1 views

DEBIAN-CVE-2023-48706

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVSS 4.7, AI score 6.3, EPSS 0.00132
Exploits 1, References 1

OSV
added 2023/11/22 10:15 p.m., 0 views

UBUNTU-CVE-2023-48706

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVSS 4.7, AI score 7.2, EPSS 0.00132
Exploits 1, References 7