15 matches found
CVE-2026-3568 MStore API <= 4.18.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Meta Update
The MStore API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.18.3. This is due to the updateuserprofile function in controllers/flutter-user.php processing the 'metadata' JSON parameter without any allowlist, blocklist, or validatio...
PT-2026-31567
Name of the Vulnerable Software and Affected Versions MStore API plugin for WordPress versions up to and including 4.18.3 Description The MStore API plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This stems from the update user profile function within...
CS Cart 安全漏洞
CS Cart is an e-commerce system from the US-based company CS Cart. A security vulnerability exists in CS Cart version 4.18.3, which stems from a lack of security controls and could lead to a brute force attack...
CVE-2021-23192 affecting package samba for versions less than 4.18.3-1
CVE-2021-23192 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2020-14318 affecting package samba for versions less than 4.18.3-1
CVE-2020-14318 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44758 affecting package samba for versions less than 4.18.3-1
CVE-2021-44758 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-45141 affecting package samba for versions less than 4.18.3-1
CVE-2022-45141 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-42898 affecting package samba for versions less than 4.18.3-1
CVE-2022-42898 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2020-25722 affecting package samba for versions less than 4.18.3-1
CVE-2020-25722 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-2031 affecting package samba for versions less than 4.18.3-1
CVE-2022-2031 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-32742 affecting package samba for versions less than 4.18.3-1
CVE-2022-32742 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-32746 affecting package samba for versions less than 4.18.3-1
CVE-2022-32746 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-0614 affecting package samba for versions less than 4.18.3-1
CVE-2023-0614 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
Fedora: Security Advisory (FEDORA-2024-a5861bce91)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-45345 CVE-2022-37967 affecting package samba 4.18.3-2
Windows Kerberos Elevation of Privilege Vulnerability...