174 matches found
WordPress Responsive Lightbox & Gallery plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Responsive Lightbox versions = 2.4.8...
WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability
Stored Cross-Site Scripting vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.3.9...
WordPress Gallery Lightbox plugin <= 1.0.0.39 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Gallery Lightbox versions = 1.0.0.39...
WordPress Search Atlas SEO plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Search Atlas SEO versions = 1.8.2...
WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.3.17...
WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin WP Meta SEO versions = 4.5.13...
CVE-2024-43934 WordPress Collapsing Archives plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives: from n/a through 3.0.5...
CVE-2024-43934
CVE-2024-43934 affects the Collapsing Archives WordPress plugin. It is a Stored XSS caused by improper neutralization of input during web page generation, affecting versions up to 3.0.5 (n/a to 3.0.5). Remediation: update to the patched version 3.0.5.
CVE-2024-43934 WordPress Collapsing Archives plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives: from n/a through 3.0.5...
WordPress Custom Field Template Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)
Software Custom Field Template Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.6.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44062 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 53885cdfe965 Credits Robert DeVore Required privilege...
Ubuntu: Security Advisory (USN-6653-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data
By Waqas Deja vu at Robert Half? Notorious hackers claim responsibility as the staffing giant makes headlines for yet another alleged data breach in two years. This is a post from HackRead.com Read the original post: Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data...
CVE-2023-47651
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
CVE-2023-47651
CVE-2023-47651 affects the WordPress WP Links Page plugin (versions up to 4.9.4). The vulnerability is a Cross-Site Request Forgery (CSRF) in the wplf_ajax_update_screenshots action that could be exploited by an unauthenticated attacker to forge requests. The issue is fixed in version 4.9.5. The ...
CVE-2023-47651 WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
robert-portisch.de Improper Access Control vulnerability OBB-3780140
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-M2WJ-R6G3-FXFX Symfony possible session fixation vulnerability
Description SessionStrategyListener does not always migrate the session after a successful login. It only migrate the session when the logged-in user identifier changes. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token...
Symfony possible session fixation vulnerability
Description SessionStrategyListener does not always migrate the session after a successful login. It only migrate the session when the logged-in user identifier changes. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token...
CVE-2023-29426
Cross-Site Request Forgery CSRF vulnerability in Robert Schulz sprd.Net AG Spreadshop plugin = 1.6.5 versions...