CVE-2024-2165 SEOPress – On-site SEO <= 7.5.2.1 - Authenticated (Author+) Stored Cross-Site Scripting

The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt parameter in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access...

PT-2024-18998 · WordPress · Seopress

Name of the Vulnerable Software and Affected Versions: SEOPress – On-site SEO plugin for WordPress versions up to, and including, 7.5.2.1 Description: The issue arises from insufficient input sanitization and output escaping, allowing authenticated attackers with author access or higher to inject...

Security Bulletin: A busybox vulnerability affects IBM DataPower Gateways (CVE-2014-4607)

Summary A buffer overflow vulnerability affects IBM DataPower Gateways. IBM DataPower Gateways has addressed the applicable CVE Vulnerability Details CVEID: CVE-2014-4607 DESCRIPTION: Oberhumer LZO could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflo...