PT-2025-1738 · WordPress · Woo Ukrposhta

Name of the Vulnerable Software and Affected Versions: Woo Ukrposhta plugin for WordPress versions up to and including 1.17.11 Description: The Woo Ukrposhta plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the order, post, and idd parameters due to insufficient input...

WordPress Woo Ukrposhta plugin <= 1.17.11 - Reflected Cross-Site Scripting via order, post, and idd Parameters vulnerability

Reflected Cross-Site Scripting via order, post, and idd Parameters vulnerability discovered by vgo0 in WordPress Plugin Woo Ukrposhta versions = 1.17.11...

CVE-2022-30629 Session tickets lack random ticket_age_add in crypto/tls

Non-random values for ticketageadd in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption...

Untrusted Search Path

Overview std/os/exec is a Go standard library package std/os/exec Affected versions of this package are vulnerable to Untrusted Search Path. Go Vulnerability Report: On Windows, executing Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset will unintentionally trigger...

Security fix for the ALT Linux 10 package golang version 1.17.11-alt1.p10

1.17.11-alt1.p10 built June 14, 2022 Alexey Shabalin in task 301915 --- June 12, 2022 Alexey Shabalin - New version 1.17.11 Fixes: CVE-2022-30580, CVE-2022-30634, CVE-2022-30629, CVE-2022-29804...