2 matches found
Authentication Bypass Using an Alternate Path or Channel
Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the session.cookieCache component. An attacker can gain unauthorized access to protected...
PT-2023-15697 · WordPress · Store Locator
Name of the Vulnerable Software and Affected Versions: Store Locator WordPress plugin versions prior to 1.4.9 Description: The issue concerns a lack of validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting attacks. Users with a role as low as...