156 matches found
CVE-2024-9593 Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...
CVE-2024-9593 Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...
CVE-2024-9593
CVE-2024-9593 affects WordPress plugins Time Clock (<= 1.2.2) and Time Clock Pro (
Exploit for Code Injection in Wpplugin Time_Clock
CVE-2024-9593 Time Clock = 1.2.2 & Time Clock Pro...
WordPress Time Clock Pro plugin <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution vulnerability
Unauthenticated Limited Remote Code Execution vulnerability discovered by István Márton in WordPress Plugin Time Clock Pro versions = 1.1.4...
WordPress Time Clock plugin <= 1.2.2 - Unauthenticated (Limited) Remote Code Execution vulnerability
Unauthenticated Limited Remote Code Execution vulnerability discovered by István Márton in WordPress Plugin Time Clock versions = 1.2.2...
WordPress plugin Time Clock plugin and Time Clock Pro 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code injection vulnerability exis...
WordPress Time Clock Plugin <= 1.2.2 is vulnerable to Remote Code Execution (RCE)
Software Time Clock Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-9593 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID ba1ac64c553d Credits István Márton Required privilege...
WordPress Time Clock Pro Plugin <= 1.1.4 is vulnerable to Remote Code Execution (RCE)
Software Time Clock Pro Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-9593 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 9837dd0a77ff Credits István Márton Required privilege...
PT-2024-9994 · WordPress · Time Clock +1
Name of the Vulnerable Software and Affected Versions: Time Clock plugin versions up to 1.2.2 Time Clock Pro plugin versions up to 1.1.4 Description: The issue concerns the etimeclockwp load function callback function, which is related to improper management of code generation. This allows...
DEBIAN-CVE-2024-44953
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix deadlock during RTC update There is a deadlock when runtime suspend waits for the flush of RTC work, and the RTC work calls ufshcdrpmgetsync to wait for runtime resume. Here is deadlock backtrace: kworker/0:1...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock during an update RTC in the scsi: ufs component...
kernel: rtc: class: Fix potential memleak in devm_rtc_allocate_device()
In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fix potential memleak in devmrtcallocatedevice devmrtcallocatedevice will alloc a rtcdevice first, and then run devsetname. If devsetname failed, the rtcdevice will memleak. Move devmaddactionorreset in front of...
CVE-2022-44594
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Codebangers All in One Time Clock Lite plugin = 1.3.320 versions...
CVE-2022-44594
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Codebangers All in One Time Clock Lite plugin = 1.3.320 versions...
CVE-2022-44594 WordPress All in One Time Clock Lite Plugin <= 1.3.320 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Codebangers All in One Time Clock Lite plugin = 1.3.320 versions...
CVE-2022-44594
Codebangers All in One Time Clock Lite plugin for WordPress is affected by a Stored XSS vulnerability in versions prior to 1.3.321 (the CVE-2022-44594 family). Exploitation concerns admin users (administrative privilege level). Mitigation: upgrade to version 1.3.321 or later to fix the issue. If ...
PT-2023-14514 · Codebangers · Codebangers All In One Time Clock Lite
Name of the Vulnerable Software and Affected Versions: Codebangers All in One Time Clock Lite plugin versions prior to 1.3.321 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects administrative users. This type of vulnerability allows an attacker to...
WordPress Plugin All in One Time Clock Lite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-33537 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.17 Description: A function prototype mismatch was found in the msc313 rtc probe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...