2 matches found
KUNO 代码问题漏洞
KUNO is a blogging application by the individual developer XueMian ICT.RUN. A code issue vulnerability exists in KUNO versions prior to 1.3.15, which stems from the media module allowing the upload of specially crafted SVG files, which could lead to a server-side request forgery attack...
CVE-2024-9450
The CVE-2024-9450 entry concerns the Free Booking Plugin for Hotels, Restaurants and Car Rentals (WordPress). Affected versions are prior to 1.3.15, where updating plugin settings lacks a CSRF check. This enables a logged-in subscriber to change settings via CSRF, potentially altering configurati...