15 matches found
EUVD-2024-43304
Malicious code in bioql PyPI...
CVE-2024-49235
Insertion of Sensitive Information Into Sent Data vulnerability in videowhisper Contact Forms, Live Support, CRM, Video Messages live-support-tickets allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through = 1.10.2...
CVE-2024-49235 WordPress Contact Forms, Live Support, CRM, Video Messages plugin <= 1.10.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in videowhisper Contact Forms, Live Support, CRM, Video Messages live-support-tickets allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through = 1.10.2...
PT-2024-33372 · Videowhisper.Com · Videowhisper.Com Contact Forms +3
Name of the Vulnerable Software and Affected Versions: VideoWhisper.Com Contact Forms, Live Support, CRM, Video Messages versions 1.10.2 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. This affects...
WordPress Contact Forms, Live Support, CRM, Video Messages plugin <= 1.10.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Contact Forms, Live Support, CRM, Video Messages versions = 1.10.2...
GHSA-MRR8-V49W-3333 sweetalert2 contains potentially undesirable behavior
sweetalert2 versions from 11.6.14 to before 11.22.4 have potentially undesirable behavior. The package outputs audio and/or video messages that do not pertain to the functionality of the package when run on specific tlds. This functionality is documented on the project's readme...
PT-2023-33044 · Unknown · Sweetalert2
Name of the Vulnerable Software and Affected Versions: sweetalert2 versions 11.6.14 and above Description: The sweetalert2 package exhibits potentially undesirable behavior by outputting audio and/or video messages unrelated to its functionality when run on specific top-level domains TLDs. This...
sweetalert2 v8.19.1 and above contains hidden functionality
sweetalert2 versions 8.19.1 and up until 9.0.0 are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions below 8.19.1. Workaround Users who a...
GHSA-457R-CQC8-9VJ9 sweetalert2 v10.16.10 and above contains hidden functionality
sweetalert2 versions 10.16.10 and up until 11.0.0 are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions 10.0.0 - 10.16.9. Workaround Use ...
sweetalert2 v10.16.10 and above contains hidden functionality
sweetalert2 versions 10.16.10 and up until 11.0.0 are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions 10.0.0 - 10.16.9. Workaround Use ...
GHSA-QQ6H-5G6J-Q3CM sweetalert2 v11.4.9 and above contains hidden functionality
sweetalert2 versions 11.4.9 and above are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions 11.0.0 - 11.4.8. Workaround Use a version...
PT-2022-28188 · Unknown · Sweetalert2
Name of the Vulnerable Software and Affected Versions: sweetalert2 versions 10.16.10 through 11.0.0 Description: The issue concerns hidden functionality introduced by the maintainer, causing the package to output audio and/or video messages unrelated to its intended functionality. Recommendations...
AikCms跨站请求伪造漏洞
AikCms AikCms is a content management system CMS based on PHP and MySQL. AikCms has a security vulnerability that can be exploited by attackers to delete video messages...
AikCms 跨站请求伪造漏洞
AikCms AikCms is a content management system CMS based on PHP and MySQL. A security vulnerability exists in AikCms version v2.0.0, which can be exploited by attackers to delete video messages...
Secret Chat in Telegram Left Self-Destructing Media Files On Devices
Popular messaging app Telegram fixed a privacy-defeating bug in its macOS app that made it possible to access self-destructing audio and video messages long after they disappeared from secret chats. The vulnerability was discovered by security researcher Dhiraj Mishra in version 7.3 of the app, w...