WordPress Category Posts Widget Plugin < 4.9.17 is vulnerable to Cross Site Scripting (XSS)

Software Category Posts Widget Type Plugin Vulnerable versions 4.9.17 Fixed in 4.9.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-6158 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 321a7aaf8265 Credits Dmitrii Ignatyev Required privile...

Security fix for the ALT Linux 8 package samba version 4.9.17-alt1

4.9.17-alt1 built Dec. 18, 2019 Evgeny Sinelnikov in task 242978 Dec. 13, 2019 Evgeny Sinelnikov - Update to last security winter release - Security fixes: + CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS management server + CVE-2019-14870: DelegationNotAllowed not being...

Samba Multiple Vulnerabilities (CVE-2019-14861, CVE-2019-14870)

Samba is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

UserPro <= 4.9.17 - Authentication Bypass

The userpro plugin has the ability to bypass login authentication for the user 'admin'. If the site does not use the standard username 'admin' it is not affected. 1 - Google Dork inurl:/plugins/userpro 2 - Browse to a site that has the userpro plugin installed. 3 - Append ?upautolog=true to the...