CVE-2026-29779 UptimeFlare: Montior config / Credentials in `workerConfig` exposed in client-side JavaScript bundle

UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig safe for client use and workerConfig server-only, contains sensitive data from the same module. Due to...

EUVD-2024-33688

Malicious code in bioql PyPI...

CVE-2024-11808

The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpnonce' parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-11808

CVE-2024-11808 (Pingmeter Uptime Monitoring, WordPress) is a reflected XSS vulnerability in the Pingmeter Uptime Monitoring plugin for WordPress through the _wpnonce parameter, affecting all versions up to 1.0.3. The authenticated/unauthenticated risk is described as an attacker tricking a user i...

CVE-2024-11808 Pingmeter Uptime Monitoring <= 1.0.3 - Reflected Cross-Site Scripting

The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpnonce' parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

WordPress plugin Pingmeter Uptime Monitoring 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-17264 · WordPress · Pingmeter Uptime Monitoring

Name of the Vulnerable Software and Affected Versions: Pingmeter Uptime Monitoring plugin for WordPress versions up to, and including, 1.0.3 Description: The issue is related to Reflected Cross-Site Scripting via the wpnonce parameter due to insufficient input sanitization and output escaping. Th...

WordPress Pingmeter Uptime Monitoring plugin <= 1.0.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Pingmeter Uptime Monitoring versions = 1.0.3...

MAL-2022-5975 Malicious code in sdk-app-uptime-monitoring (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25d8d71489a0b5d396ce165f6fc277ac9fb5187b57e1c903ffbef5598f3506ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sdk-app-uptime-monitoring (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25d8d71489a0b5d396ce165f6fc277ac9fb5187b57e1c903ffbef5598f3506ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

UpTime Monitoring Server Insecure File Upload Remote Code Execution

A file upload vulnerability has been reported in the UpTime monitoring server. The vulnerability is due to an insecure file upload on the post2file.php component. A remote attacker could trigger this flaw by sending a crafted HTTP request to the vulnerable system...