41 matches found
CVE-2023-34031
CVE-2023-34031 describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin bbPress Toolkit by Pascal Casier, affecting versions up to and including 1.0.12 . The vulnerability is unauthenticated and can be triggered when a user interacts with a crafted request, potentially allowing an at...
PT-2023-24647 · Pascal Casier · Bbpress Toolkit Plugin
Name of the Vulnerable Software and Affected Versions: Pascal Casier bbPress Toolkit plugin versions 1.0.12 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that t...
CVE-2023-45065 WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.42 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin = 1.42 versions...
WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.5 is vulnerable to Broken Access Control
Software Bulk NoIndex & NoFollow Toolkit Type Plugin Vulnerable versions = 1.5 Fixed in 1.51 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-41688 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 59bc5cc02f90 Credits Skalucy Required...
CVE-2023-34032 WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Pascal Casier bbPress Toolkit plugin = 1.0.12 versions...
CVE-2023-34032
CVE-2023-34032 is an unauthenticated reflected cross-site scripting (XSS) vulnerability in the bbPress Toolkit WordPress plugin, affecting versions ≤ 1.0.12. The underlying issue is an XSS flaw in the plugin’s handling of input, allowing malicious script injection that could affect site visitors....
CVE-2023-34032 WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Pascal Casier bbPress Toolkit plugin = 1.0.12 versions...
CVE-2023-23714
Cross-Site Request Forgery CSRF vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin = 3.6.4.1 versions...
CVE-2023-23786
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Christof Servit affiliate-toolkit plugin = 3.3.3 versions...
CVE-2023-23786
CVE-2023-23786 concerns the WordPress affiliate-toolkit plugin from Christof Servit, with a Stored XSS issue exploitable by users with Editor+ permissions in versions
CVE-2023-22712
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...
CVE-2023-22712 WordPress TemplatesNext ToolKit Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...
SUSE CVE-2009-3865
The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...
WordPress WooCommerce Store Toolkit plugin < 2.3.4 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Store Toolkit plugin versions 2.3.4. Solution Update the WordPress WooCommerce Store Toolkit plugin to the latest available version at least 2.3.4...
ProGuard - Java class file Shrinker, Optimizer, Obfuscator and Preverifier
ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names...
CVE-2013-6280
Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)
The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...
openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)
The Sun Java 6 SDK/JRE was updated to u17 update fixing bugs and various security issues : CVE-2009-3866:The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers...
CVE-2009-3865
The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...