WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting

Overview WordPress Plugin "Advanced Custom Fields" provided by WP Engine contains a cross-site scripting vulnerability CWE-79. Ryotaro Imamura of SB Technology Corp. and Satoo Nakano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

PT-2023-35043 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue concerns a qgroup record without old roots populated in btrfs, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet been...