WordPress Simple Baseball Scoreboard Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Simple Baseball Scoreboard Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-48025 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a4f511271aab Credits SOPROBRO Required privilege...

WordPress Hide Dashboard Notifications Plugin <= 1.3 is vulnerable to Broken Access Control

Software Hide Dashboard Notifications Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1955 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 47605ad93239 Credits Francesco Carlucci...

WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection

Software ERE Recently Viewed Type Plugin Vulnerable versions = 1.3 Fixed in 2.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24797 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 835850fa9817 Credits Yudistira Arya Required privilege...

WordPress Tab Ultimate Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Tab Ultimate Type Plugin Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5667 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 6b4d31988178 Credits István Márton Required privileg...

WordPress Poptin Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Poptin Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4961 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6ca61fb922bb Credits Lana Codes Required privilege...

WordPress Aapna Theme <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Aapna Type Theme Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2813 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f88968b9b9e0 Credits Random Robbie Required privilege...

WordPress Resize at Upload Plus Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Resize at Upload Plus Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25467 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID cded0be39625 Credits Mika Required...

NoneCMS 信息泄露漏洞

NoneCMS is a content management system CMS based on Thinkphp. An information disclosure vulnerability exists in NoneCMS version 1.3. A remote attacker can exploit this vulnerability to obtain sensitive information via /nonecms/vendor...