WordPress plugin Responsive Image Gallery security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-27640 · Wpdevart · Wpdevart Responsive Image Gallery
Name of the Vulnerable Software and Affected Versions: WpDevArt Responsive Image Gallery, Gallery Album versions through 2.0.3 Description: The issue is related to a Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album. Recommendations: For versions through 2.0....
CVE-2024-6415
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREFHOMEPAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross site...
CVE-2024-6344 ZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scripting
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attac...
Malicious code in ccl-vifp-lookup-responsive (npm)
MAL-2024-1963 Malicious code in ccl-vifp-lookup-responsive (npm)
CVE-2024-6186
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC 1.0. This affects an unknown part of the file /view/userAuthentication/SSO/commit.php. The manipulation of the argument adlogname leads to os command injection. It is possible to initiate the attack remotely. The exploi...
CVE-2024-6187 Ruijie RG-UAC sub_commit.php os command injection
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack can be initiated remotely. The exploit has been...
WordPress Responsive video embed plugin < 0.5.1 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Felipe Caon in WordPress Plugin Responsive video embed versions < 0.5.1...
WordPress Responsive video embed Plugin < 0.5.1 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive video embed; Type: Plugin; Vulnerable versions: < 0.5.1; Fixed in: 0.5.1; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-5475; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: 325ee9be976d; Credits: Felipe Caon; Require...
WordPress plugin Responsive video embed security vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. Custom Field Suite plugin is a custom field adding plugin used in it. Media Library...
PT-2024-36413 · WordPress · Responsive Video Embed
Name of the Vulnerable Software and Affected Versions: Responsive video embed WordPress plugin versions prior to 0.5.1 Description: The issue is related to the lack of validation and escaping of some shortcode attributes in the Responsive video embed WordPress plugin. This could allow users with...
WordPress Transition Slider – Responsive Image Slider and Gallery Plugin <= 2.20.3 is vulnerable to Cross Site Scripting (XSS)
Software: Transition Slider – Responsive Image Slider and Gallery; Type: Plugin; Vulnerable versions: <= 2.20.3; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting XSS; CVE: CVE-2024-37215; Patch priority: Low; CVSS severity: Low 5.9; Developer: Claim ownership; PSID: 549d55c8caf1; Credits...
CVE-2024-6058
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&iframename=list&crc=crc1701669816260. The manipulation of the argument height/width leads to cross site scripting. It is...
Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery < 1.4.6 - Missing Authorization
Description The Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaximagegallery and igsavesettings functions in versions up to, and including, 1.4.5. This...
Responsive < 5.0.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Responsive theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to 5.0.3.1 exclusive due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level...
Exploit for Uncontrolled Search Path Element in Cisco Secure_Client
CVE-2024-20338 advisory https://sec.cloudapps.cisco.com/sec...
CVE-2024-35721
Missing Authorization vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery. This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through 1.4.5...
CVE-2024-35722
Missing Authorization vulnerability in A WP Life Slider Responsive Slideshow – Image slider, Gallery slideshow. This issue affects Slider Responsive Slideshow – Image slider, Gallery slideshow: from n/a through 1.4.0...