PT-2024-18212 · WordPress · Avada

Name of the Vulnerable Software and Affected Versions: Avada | Website Builder For WordPress & WooCommerce theme for WordPress versions up to and including 7.11.5 Description: The issue allows authenticated attackers with contributor access and above to view the contents of all form submissions,...

WordPress Avada Theme <= 7.11.5 is vulnerable to Sensitive Data Exposure

Software Avada Type Theme Vulnerable versions = 7.11.5 Fixed in 7.11.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1668 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f064c924d1a4 Credits Muhammad Zeeshan Xib3rR4dAr Require...

SuiteCRM 7.10.x < 7.10.17, 7.11.x < 7.11.5 SQL Injection Vulnerability

SuiteCRM is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SalesAgility SuiteCRM SQL Injection Vulnerability (CNVD-2019-16998)

SalesAgility SuiteCRM is a suite of enterprise-grade open source customer relationship management CRM. A SQL injection vulnerability exists in SalesAgility SuiteCRM versions 7.8.x prior to 7.8.30, 7.10.x prior to 7.10.17, and 7.11.x prior to 7.11.5, which can be exploited by an attacker to execut...