123 matches found
CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5611
CVE-2024-5611 : The Stratum – Elementor Widgets plugin for WordPress (versions
WordPress plugin Stratum - Elementor Widgets Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...
WordPress Stratum – Elementor Widgets plugin <= 1.4.1 - Authenticated Stored Cross-Site Scripting via Countdown Widget vulnerability
Authenticated Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by wesley wcraft in WordPress Plugin Stratum versions = 1.4.1...
WordPress Stratum Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Stratum Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5611 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b26c4b69b206 Credits wesley wcraft Required privilege...
CVE-2023-50803
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay...
PT-2024-25927 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.1 Description: The issue is related to a reachable assertion that can cause an AMF crash via NAS messages from a UE. This occurs due to improper handling of the pkbuf-len variable in the ogs nas encrypt function...
Stratum < 1.3.16 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Stratum plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...
CVE-2024-29914
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15...
CVE-2024-29914 WordPress Stratum – Elementor Widgets plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15...
CVE-2024-29914
Technical details about CVE-2024-29914 are not provided in the supplied documents. The initial entry notes a Stored XSS in MotoPress Stratum (WordPress plugin) up to version 1.3.15, but no fix/impact specifics are included here.
PT-2024-23136 · Motopress · Motopress Stratum
Name of the Vulnerable Software and Affected Versions: MotoPress Stratum versions 1.3.15 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means that an attacker can inject malicious scripts into the...
WordPress Plugin Stratum 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Stratum Plugin <= 1.3.15 is vulnerable to Cross Site Scripting (XSS)
Software Stratum Type Plugin Vulnerable versions = 1.3.15 Fixed in 1.3.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3d8d138923e6 Credits Khalid Yusuf Required privilege Contributor...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service when handling multiple payload container types with incorrect container lengths received in a DL NAS transport OTA in NR...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service in the handling of DL NAS transport messages...
PT-2022-24601 · Free5Gc · Free5Gc
Name of the Vulnerable Software and Affected Versions: Free5gc version 3.0.5 Description: The issue arises due to malformed NAS messages, causing the AMF to break. Recommendations: For Free5gc version 3.0.5, consider implementing input validation to handle malformed NAS messages properly until a...
CVE-2021-30301
Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile...
PT-2022-9974 · Qualcomm · Snapdragon Mobile +2
Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Industrial IOT affected versions not specified Snapdragon Mobile affected versions not specified Description: The issue is related to a possible denial of service due to out of memory...