5 matches found
com.liferay.content-targeting:com.liferay.content.targeting.api (>=3.1.0 <=4.0.0) potentially affected by CVE-2025-43797 via com.liferay:com.liferay.site.admin.web (=1.0.5)
com.liferay:com.liferay.site.admin.web MAVEN version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on com.liferay:com.liferay.site.admin.web and may be impacted: - com.liferay.content-targeting:com.liferay.content.targeting.api =3.1.0, =4.0.0...
WordPress Blogvi Theme <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Blogvi Type Theme Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35715 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 148848988fb4 Credits stealthcopter Required privilege Contributor...
WordPress Contact Form 7 Multi-Step Addon Plugin <= 1.0.5 is vulnerable to Backdoor
Software Contact Form 7 Multi-Step Addon Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8aae8a0dc1cb Credits Sansec.io Required privilege Unauthenticated...
WordPress iLoveIMG Plugin <= 1.0.5 is vulnerable to PHP Object Injection
Software iLoveIMG Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 259c37e12af8 Credits Unknown Required privilege Administrator Published 14...
WordPress Chankhe Theme <= 1.0.5 is vulnerable to Broken Authentication
Software Chankhe Type Theme Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-28416 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 9050e7df6a1b Credits Dave Jong Patchstack Required...