2429 matches found
Deserialization of untrusted data
The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8 via deserialization of untrusted input to the awl_slider_responsive_shortcode function. This makes it possible for authenticated...
CVE-2024-1859
CVE-2024-1859 refers to the Slider Responsive Slideshow – Image slider, Gallery slideshow WordPress plugin. The vulnerability is a PHP Object Injection in versions up to and including 1.3.8, triggered by deserialization of untrusted input in the awl_slider_responsive_shortcode function. With cont...
WordPress Plugin Slider Responsive Slideshow Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CentOS 9 : unbound-1.16.2-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the unbound-1.16.2-3.el9 build changelog. - A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The...
Responsive Pricing Table < 5.1.11 - Author+ Stored XSS
Description: The plugin does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the related shortcode is embedded, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks. PoC: Create a new Pricing...
Stack overflow
A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619B20230130/9.3.5u.6698B20230810. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi of the component Web Interface. The manipulation of the argument httphost leads to stack-based buffer overflow...
CVE-2024-1784 Limbas main_admin.php sql injection
A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this vulnerability is an unknown functionality of the file main_admin.php. The manipulation of the argument tabgroup leads to sql injection. The complexity of an attack is rather high. The exploitation appears to be...
CVE-2024-1749 Bdtask Bhojon Best Restaurant Management Software Message Page message cross site scripting
A vulnerability, which was classified as problematic, has been found in Bdtask Bhojon Best Restaurant Management Software 2.9. This issue affects some unknown processing of the file /dashboard/message of the component Message Page. The manipulation of the argument Title leads to cross site...
CVE-2024-1702
CVE-2024-1702 concerns a SQL injection in keerti1924 PHP-MYSQL-User-Login-System 1.0, affecting the /edit.php functionality. The issue is described as exploitable remotely and was publicly disclosed; multiple connected sources corroborate the core details (remote access, SQL injection, /edit.php)...
Improper access control
A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...
CVE-2024-24802
Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables. This issue affects JTRT Responsive Tables: from n/a through 4.1.9...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables. This issue affects JTRT Responsive Tables: from n/a through 4.1.9...
CVE-2024-24802 WordPress JTRT Responsive Tables Plugin <= 4.1.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables. This issue affects JTRT Responsive Tables: from n/a through 4.1.9...
CVE-2024-24802
CVE-2024-24802 is a CSRF vulnerability in the WordPress plugin JTRT Responsive Tables (versions
PT-2024-20571 · John Tendik · Jtrt Responsive Tables
Name of the Vulnerable Software and Affected Versions: JTRT Responsive Tables versions through 4.1.9. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables. This type of vulnerability allows an attacker to trick a user into performing...
WordPress Plugin JTRT Responsive Tables Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
CVE-2024-1661
A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity ...
Medium: unbound
Issue Overview: A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non-responsive nameservers. The attack starts by queryin...