2028 matches found
Display Widgets 2.6.0-2.6.3.1 - Backdoored
The display-widgets WordPress plugin was affected by a Backdoored security vulnerability...
WordPress Display Widgets plugin 2.6.0-2.6.3.1 - Backdoored (includes hacking tool)
The possible backdoor hacking tool found in WordPress Display Widgets plugin versions 2.6.0-2.6.3.1 by SEO Dave. Solution Deactivate and remove the WordPress Display Widgets plugin. For now, this plugin removed from WordPress plugin repository...
Gratipay: Show hide privacy giving receiving on my website
Hi team .. I found show hide privacy settings on website ... nobody can see on my profile but i put code on my website anybode can see my total giving .. Step reprodence .. 1- go to https://gratipay.com/demo/settings/ click turn on hide total to giving other and hide my self from search result th...
DEBIAN-CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
Pornhub: Stored XSS on the http://ht.pornhub.com/widgets/
The researcher found a stored XSS in the HubTraffic widgets section. I found Stored XSS in the Hubtraffic widgets section. The team was very responsible and fixed the issue fast. Many thanks to the PornHub security team for the bounty and swag i received it already, very cool!...
Wordpress plugin content-glass-button has multiple cross-site scripting vulnerabilities
Content Glass is a social tool that allows website users to share widgets with peers-groups with page address fields or TLDs. The Wordpress plugin content-glass-button is vulnerable to an xss vulnerability due to improper filtering of user input, which allows attackers to frame malicious web page...
[SECURITY] Fedora 23 Update: kf5-ktextwidgets-5.24.0-1.fc23
KDE Frameworks 5 Tier 3 addon with advanced text edting widgets...
[SECURITY] Fedora 23 Update: kf5-kconfigwidgets-5.24.0-1.fc23
KConfigWidgets provides easy-to-use classes to create configuration dialogs , as well as a set of widgets which uses KConfig to store their settings...
[SECURITY] Fedora 23 Update: kf5-kcompletion-5.24.0-1.fc23
KCompletion provides widgets with advanced completion support as well as a lower-level completion class which can be used with your own widgets...
[SECURITY] Fedora 24 Update: kf5-kcompletion-5.24.0-1.fc24
KCompletion provides widgets with advanced completion support as well as a lower-level completion class which can be used with your own widgets...
[SECURITY] Fedora 24 Update: kf5-kdesignerplugin-5.24.0-1.fc24
This framework provides plugins for Qt Designer that allow it to display the widgets provided by various KDE frameworks, as well as a utility kgendesignerplugin that can be used to generate other such plugins from ini-style description files...
Bime: Attacker can access graphic representation of every query
Vulnerability details On a dashboard, widgets can be added to show a graphic representation of a query. These queries come from datasources. When creating a widget, a query ID is given. This query ID can be changed in order to obtain the results of the dataset through a scheduled email. This leak...
Fedora 23 : webkitgtk4-2.12.1-1.fc23 (2016-cb7a73c82e)
Highlights in 2.12.0: Enable FTL by default in JavaScriptCore for x8664. Network process is now used unconditionally. The shared secondary process model is now the same as using the multiple process model and setting a process limit of 1. Switch to use overlay scrollbars like all other GTK+ widge...
Wearable Widgets - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Wearable Widgets published at the 'play' market has multiple vulnerabilities...
GO Weather Forecast & Widgets - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application GO Weather Forecast & Widgets published at the 'play' market has multiple vulnerabilities...
Weather forecast & widgets - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Weather forecast & widgets published at the 'play' market has multiple vulnerabilities...
Wetter Widgets Österreich - Corrupted files, Dynamic Code Loading, Exported components vulnerabilities
HackApp vulnerability scanner discovered that application Wetter Widgets Österreich published at the 'play' market has multiple vulnerabilities...