3 matches found
PT-2026-2487
Name of the Vulnerable Software and Affected Versions Semantic machines version 5.4.8 Description An issue allows attackers to bypass authentication by sending a crafted HTTP request to various API endpoints. The attack targets authentication mechanisms within the software. The affected API...
WordPress Woffice Core Plugin <= 5.4.8 is vulnerable to Cross Site Scripting (XSS)
Software Woffice Core Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37471 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 88417011c3b0 Credits Rafie Muhammad Patchstack Required...
WordPress Woffice Core Plugin <= 5.4.8 is vulnerable to Broken Access Control
Software Woffice Core Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37470 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID d7dfbe1583d4 Credits Rafie Muhammad Patchstack...