173 matches found
Threat landscape for industrial automation systems. Statistics for H1 2023
Global threat statistics In the first half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from H2 2022 by just 0.3 pp to 34%. Percentage of ICS computers on which malicious objects were blocked, by half year That said, he percentage of attacked ICS...
CVE-2023-37975
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...
CVE-2023-37894
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Images Gallery for WooCommerce plugin = 2.3.3 versions...
CVE-2023-37894
CVE-2023-37894 affects RadiusTheme Variation Images Gallery for WooCommerce (WordPress plugin) versions = 2.3.4 mitigates the vulnerability. The vulnerability details specify that exploitation does not require authentication and can be triggered via reflected input in the affected gallery feature...
CVE-2023-37975 WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...
CVE-2023-37975 WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...
CVE-2023-37975
CVE-2023-37975 concerns RadiusTheme Variation Swatches for WooCommerce (WordPress plugin) before 2.3.8. It is an unauthenticated Reflected Cross‑Site Scripting (XSS) vulnerability in versions
WordPress Plugin RadiusTheme Variation Images Gallery for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-26165 · WordPress · Radiustheme Variation Images Gallery
Name of the Vulnerable Software and Affected Versions: RadiusTheme Variation Images Gallery for WooCommerce plugin versions prior to 2.3.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into the...
WordPress Plugin RadiusTheme Variation Swatches for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Premmerce Variation Swatches for WooCommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 2a04ac1c6e8a Credits Rafie...
WordPress WooCommerce Variation Swatches for Products Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Variation Swatches for Products Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2750602126f2 Credits Rafie...
WordPress Swatchly – WooCommerce Variation Swatches for Products Plugin <= 1.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Swatchly – WooCommerce Variation Swatches for Products Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23792 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
WordPress TH Variation Swatches Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software TH Variation Swatches Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-28688 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c365052e6ec0 Credits István Márton...
GHSA-QQV9-GQH5-7H99 Snipe-IT allows attackers to check whether a user account exists
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request...
Psudohash - Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns
psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word's letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. ...
WordPress GS Variation Swatches for WooCommerce plugin <= 1.5.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress GS Variation Swatches for WooCommerce plugin versions = 1.5.0. Solution Update the WordPress GS Variation Swatches for WooCommerce plugin to the latest available version at least 1.6.0...
WordPress Premmerce Variation Swatches for WooCommerce plugin <= 1.2.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Premmerce Variation Swatches for WooCommerce plugin versions = 1.2.0. Solution Update the WordPress Premmerce Variation Swatches for WooCommerce plugin to the latest available version at least 1.2.1...
WordPress XT Variation Swatches for WooCommerce plugin <= 1.8.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress XT Variation Swatches for WooCommerce plugin versions = 1.8.0. Solution Update the WordPress XT Variation Swatches for WooCommerce plugin to the latest available version at least 1.8.1...
WordPress Premmerce Variation Swatches for WooCommerce plugin <= 1.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Premmerce Variation Swatches for WooCommerce plugin versions = 1.2.0. Solution Update the WordPress Premmerce Variation Swatches for WooCommerce plugin to the latest available version at least 1.2.1...