165 matches found
PT-2024-30399 · Unknown · Scott Paterson Easy Paypal Buy Now Button
Name of the Vulnerable Software and Affected Versions: Scott Paterson Easy PayPal Buy Now Button versions 1.9 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This vulnerability allows redirection to untrusted...
WordPress Pmpro Membership Maps Plugin < 0.7 is vulnerable to Sensitive Data Exposure
Software Pmpro Membership Maps Type Plugin Vulnerable versions 0.7 Fixed in 0.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1286 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a7b3657c40ef Credits Scott Kingsley Clark...
A Bootiful Podcast: Digital Accessibility Architect, Java and Groovy legend, Scott Davis
Hi, Spring fans! In this episode I talk to Java ecosystem legend Scott Davis...
WordPress Kadence Blocks Pro Plugin < 2.3.8 is vulnerable to Broken Access Control
Software Kadence Blocks Pro Type Plugin Vulnerable versions 2.3.8 Fixed in 2.3.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1330 Patch priority Low CVSS severity Low 4.3 Developer KadenceWP PSID 0488c91e76be Credits Scott Kingsley Clark Required...
WordPress WooCommerce plugin < 8.6 - Contributor+ Private/Draft Products Access vulnerability
Contributor+ Private/Draft Products Access vulnerability discovered by Scott Kingsley Clark in WordPress Plugin WooCommerce versions 8.6...
WordPress Meta Box plugin < 5.9.4 - Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability
Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Meta Box – WordPress Custom Fields Framework versions 5.9.4...
CVE-2024-32102
Cross-Site Request Forgery CSRF vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0...
CVE-2024-32102 WordPress Crony Cronjob Manager plugin <= 0.5.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0...
CVE-2024-32102
CVE-2024-32102 is a Cross-Site Request Forgery vulnerability in Crony Cronjob Manager for WordPress, affecting Crony Cronjob Manager: from n/a through 0.5.0. Connected sources confirm the flaw is CSRF and that exploitation could allow unauthorized actions without formal user interaction details; ...
CVE-2024-29130
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Reflected XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.0...
CVE-2024-27192 WordPress Configure SMTP Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Reilly Configure SMTP allows Reflected XSS.This issue affects Configure SMTP: from n/a through 3.1...
CVE-2024-27192
CVE-2024-27192 : The connected sources document a WordPress plugin vulnerability in Configure SMTP (WordPress plugin) that allows Reflected XSS due to improper input neutralization during web page generation. Affected versions are listed as up through 3.1. Exploitation details (vector/conditions)...
CVE-2024-27192 WordPress Configure SMTP Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Reilly Configure SMTP allows Reflected XSS.This issue affects Configure SMTP: from n/a through 3.1...
WordPress Formidable Registration Plugin < 2.12 is vulnerable to Broken Authentication
Software Formidable Registration Type Plugin Vulnerable versions 2.12 Fixed in 2.12 OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2024-1290 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID de229a590aad Credits Scott Kingsley Clark...
CVE-2023-51683
Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1...
Setting secure defaults on AWS and avoiding misconfigurations
Wiz cloud security researcher, Scott Piper, suggests measures organizations can adopt to ensure secure defaults on AWS and improve their security posture...
nataliescott.ca Improper Access Control vulnerability OBB-3789428
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-47239
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Scott Paterson Easy PayPal Shopping Cart plugin = 1.1.10 versions...
CVE-2023-47239
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Scott Paterson Easy PayPal Shopping Cart plugin = 1.1.10 versions...
CVE-2023-47239
CVE-2023-47239 affects the WordPress plugin Scott Paterson Easy PayPal Shopping Cart (versions