12 matches found
@antv/l7 (>=2.1.13 <=2.25.10), @antv/l7-component (>=2.0.0-beta.1 <=2.25.10) +13 more potentially affected by unknown CVE via @antv/l7-utils (>=2.0.0-beta.1 <=2.25.9)
@antv/l7-utils NPM version =2.0.0-beta.1, =2.1.13, =2.0.0-beta.1, =2.0.0-beta.1, =2.1.13, =2.1.13, =2.10.0, =2.1.13, =2.10.0, =2.1.13, =2.1.13, =2.1.13, =2.0.0-beta.1, =2.10.0, =1.0.0, =1.0.17, =1.0.18 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVL7UTILS-16754432...
CVE-2026-7062 Intina47 context-sync Git Integration git-integration.ts os command injection
A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed...
CVE-2024-6052
Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 EOL allows users to execute arbitrary scripts by injecting HTML elements...
WordPress WP Job Manager Plugin <= 2.0.0 is vulnerable to Broken Access Control
Software WP Job Manager Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.1.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-52211 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dca091e30b7d Credits Rafie Muhammad Patchstack...
WordPress Tiger Forms Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Tiger Forms Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-44474 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5fe0f3839101 Credits SeungYongLee Required privilege...
WordPress Themesflat Addons For Elementor Plugin <= 2.0.0 is vulnerable to PHP Object Injection
Software Themesflat Addons For Elementor Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-37390 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 27be6a2ff8c6 Credits Robert R Required...
WordPress WP Logger Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software WP Logger Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID fcdb763b1c53 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Tranzly: Automatic Translation Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Tranzly: Automatic Translation Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1e66b5ef5eee Credits Rafie Muhammad...
WordPress Chained Theme <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Chained Type Theme Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 086dfbf797b5 Credits Rafie Muhammad Patchstack Required privileg...
WordPress JS Job Manager Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software JS Job Manager Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A2: Broken Authentication Classification Cross Site Request Forgery CSRF CVE CVE-2023-31087 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID cfbe0d0492f9 Credits Yuki Haruma Required...
WordPress Marketing Performance Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Marketing Performance Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24404 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 68bd528dfd1b Credits Nithissh S Requir...
Apache Superset 安全漏洞
Apache Superset is a data visualization and data exploration platform from the Apache Foundation USA. A security vulnerability exists in Apache Superset versions 1.5.2 and earlier and 2.0.0, which originates from an authenticated attacker with write access to a CSS template that can create a reco...