21 matches found
EUVD-2020-19697
Malware in sbrugna...
CVE-2023-0453
The WP Private Message WordPress plugin bundled with the Superio theme as a required plugin before 1.0.6 does not ensure that private messages to be accessed belong to the user making the requests. This allowing any authenticated users to access private messages belonging to other users by...
CVE-2022-4114
The Superio WordPress theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Cross-Site Scripting attacks...
Fedora: Security Advisory (FEDORA-2024-9974808629)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: rust-vm-superio-0.7.0-4.fc38
Emulation for legacy devices...
Fedora: Security Advisory for rust-vm-superio (FEDORA-2024-f2305d485f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-0453
The WP Private Message WordPress plugin bundled with the Superio theme as a required plugin before 1.0.6 does not ensure that private messages to be accessed belong to the user making the requests. This allowing any authenticated users to access private messages belonging to other users by...
CVE-2023-0453 WP Private Message < 1.0.6 - Private Message Disclosure via IDOR
The WP Private Message WordPress plugin bundled with the Superio theme as a required plugin before 1.0.6 does not ensure that private messages to be accessed belong to the user making the requests. This allowing any authenticated users to access private messages belonging to other users by...
CVE-2022-4114
CVE-2022-4114 affects the Superio WordPress theme’s Job Board feature, with versions earlier than 1.2.33 (per multiple sources) vulnerable due to inadequate sanitisation and escaping of certain parameters. This enables a Stored Cross-Site Scripting (XSS) attack where an attacker with a low privil...
CVE-2022-4114 Superio - Job Board < 1.2.33 - Subscriber+ Stored Cross-Site Scripting
The Superio WordPress theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Cross-Site Scripting attacks...
CVE-2022-4114 Superio - Job Board < 1.2.33 - Subscriber+ Stored Cross-Site Scripting
The Superio WordPress theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Cross-Site Scripting attacks...
PT-2023-13959 · WordPress · Superio
Name of the Vulnerable Software and Affected Versions: Superio WordPress theme affected versions not specified Description: The issue concerns the Superio WordPress theme, which does not properly sanitise and escape certain parameters. This could allow users with a role as low as a subscriber to...
WordPress theme Superio 跨站脚本漏洞
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in WordPress theme Superio that stems from not cleaning a...
Superio - Job Board < 1.2.33 - Subscriber+ Stored Cross-Site Scripting
The theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Stored Cross-Site Scripting attacks. As a candidate, add the following payload on the Social Network option: javascript:alert1 As a recruiter, access the candidate page an...
Superio - Job Board < 1.2.33 - Subscriber+ Stored Cross-Site Scripting
The theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Stored Cross-Site Scripting attacks. PoC As a candidate, add the following payload on the Social Network option: javascript:alert1 As a recruiter, access the candidate pag...
CVE-2020-27173
In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source i.e., standard input. This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...
CVE-2020-27173
In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source i.e., standard input. This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...
CVE-2020-27173
In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source i.e., standard input. This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...
Design/Logic Flaw
In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source i.e., standard input. This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...
CVE-2020-27173
In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source i.e., standard input. This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...