WordPress Custom Shortcode Sidebars Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom Shortcode Sidebars Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53736 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID f06eb016030e Credits SOPROBRO...

WordPress Amelia Plugin <= 1.2 is vulnerable to Sensitive Data Exposure

Software Amelia Type Plugin Vulnerable versions = 1.2 Fixed in 1.2.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6552 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 963ab0b19e24 Credits stealthcopter Required privilege...

WordPress Import Users from CSV Plugin <= 1.2 is vulnerable to PHP Object Injection

Software Import Users from CSV Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-32431 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID e3f19c84ef38 Credits Trình Vũ Sonicrrrr from VNPT-VCI Require...

WordPress Newsletter Popup Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Newsletter Popup Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0766 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5cf141768871 Credits Lana Codes Required...

PT-2021-10979 · Speex +1 · Speex +1

Name of the Vulnerable Software and Affected Versions: Speex version 1.2 Description: A stack buffer overflow in speexenc.c allows attackers to cause a denial of service DoS via a crafted WAV file. The vendor states that the issue cannot be reproduced and that it is a demo program. Recommendation...