26 matches found
EUVD-2023-40626
Malicious code in bioql PyPI...
EUVD-2023-40625
Malicious code in bioql PyPI...
CVE-2024-1564
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
CVE-2023-36682
Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7...
CVE-2023-36683
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through 2.7.8...
CVE-2023-36683
CVE-2023-36683 affects WordPress plugin Schema Pro (versions
CVE-2023-36683 WordPress Schema Pro plugin <= 2.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through 2.7.8...
CVE-2023-36683 WordPress Schema Pro plugin <= 2.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through 2.7.8...
WordPress plugin Schema Pro security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-1564
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
CVE-2024-1564 Schema Pro < 2.7.16 - Contributor+ Custom Field Access
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
CVE-2024-1564 Schema Pro < 2.7.16 - Contributor+ Custom Field Access
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
WordPress Schema Pro Plugin < 2.7.16 is vulnerable to Broken Access Control
Software Schema Pro Type Plugin Vulnerable versions 2.7.16 Fixed in 2.7.16 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1564 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 68dac5194d9b Credits Scott Kingsley Clark Required...
WordPress Plugin wp-schema-pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability previously...
PT-2024-18135 · WordPress · Wp-Schema-Pro
Name of the Vulnerable Software and Affected Versions: wp-schema-pro WordPress plugin versions prior to 2.7.16 Description: The issue allows a contributor user to access custom fields on any post, regardless of post type or status, via a shortcode. This is due to the plugin not validating post...
Schema Pro < 2.7.16 - Contributor+ Custom Field Access
Description The plugin does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode As a contributor, add/edit a post and embed aiosrsprocustomfield postid="ANYPOSTID" fieldkey="ANYMETAKEY" and specify/guess any po...
Schema Pro < 2.7.16 - Contributor+ Custom Field Access
Description The plugin does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode PoC As a contributor, add/edit a post and embed aiosrsprocustomfield postid="ANYPOSTID" fieldkey="ANYMETAKEY" and specify/guess an...
CVE-2023-36682
Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7...
CVE-2023-36682
Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7...