9 matches found
CVE-2025-10773 B-Link BL-AC2100 Web Management set_delshrpath_cfg delshrpath stack-based overflow
A security flaw has been discovered in B-Link BL-AC2100 up to 1.0.3. Affected by this issue is the function delshrpath of the file /goform/setdelshrpathcfg of the component Web Management Interface. The manipulation of the argument Type results in stack-based buffer overflow. The attack may be...
CVE-2025-9654
A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...
WordPress QRMenu Restaurant QR Menu Lite Plugin <= 1.0.3 is vulnerable to PHP Object Injection
Software QRMenu Restaurant QR Menu Lite Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52445 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID faf2a3afc906 Credits LVT-tholv2k Required...
WordPress 3D Work In Progress Plugin <= 1.0.3 is vulnerable to Arbitrary File Deletion
Software 3D Work In Progress Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Deletion CVE CVE-2024-49657 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 209728d5f5a9 Credits stealthcopter Required privilege...
WordPress ContentLock Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software ContentLock Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6023 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 38c834154e63 Credits Norbert Hofmann Required...
WordPress WP Post Disclaimer Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software WP Post Disclaimer Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29761 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 45270e929eab Credits LVT-tholv2k Required privilege...
WordPress Autotitle for WordPress Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Autotitle for WordPress Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6946 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 89d669161c10 Credits Daniel Ruf...
WordPress BMI Calculator Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software BMI Calculator Plugin Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47814 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b0f7b4a20da1 Credits Ngô Thiên An ancorn from VNPT-VCI...
PT-2023-27324 · WordPress · Wp 404 Auto Redirect To Similar Post
Name of the Vulnerable Software and Affected Versions: hwk-fr WP 404 Auto Redirect to Similar Post plugin versions 1.0.3 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin access can inject...