32 matches found
EUVD-2021-21311
Malware in sbrugna...
EUVD-2024-30582
Malicious code in bioql PyPI...
CVE-2024-32796
Insertion of Sensitive Information Into Sent Data vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite allows Retrieve Embedded Sensitive Data.This issue affects WP Fusion Lite: from n/a through = 3.42.10...
CVE-2024-27972
Improper Control of Generation of Code 'Code Injection' vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite.This issue affects WP Fusion Lite: from n/a through = 3.41.24...
CVE-2024-32796
Insertion of Sensitive Information Into Sent Data vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite allows Retrieve Embedded Sensitive Data.This issue affects WP Fusion Lite: from n/a through = 3.42.10...
CVE-2024-32796 WordPress WP Fusion Lite <= 3.42.10 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information into Log File vulnerability in Very Good Plugins WP Fusion Lite.This issue affects WP Fusion Lite: from n/a through 3.42.10...
CVE-2024-32796 WordPress WP Fusion Lite plugin <= 3.42.10 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite allows Retrieve Embedded Sensitive Data.This issue affects WP Fusion Lite: from n/a through = 3.42.10...
CVE-2024-32796
CVE-2024-32796 concerns WP Fusion Lite (Very Good Plugins) with an Information Exposure vulnerability: insertion of sensitive data into log files. Affected range is WP Fusion Lite: all versions up to 3.42.10 (n/a–3.42.10). The CVSS vector reported is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N w...
PT-2024-24869 · WordPress · Wp Fusion Lite
Name of the Vulnerable Software and Affected Versions: WP Fusion Lite versions 3.42.10 and earlier Description: The issue is related to the insertion of sensitive information into log files. This could potentially expose sensitive data. Recommendations: For WP Fusion Lite versions 3.42.10 and...
WordPress plugin WP Fusion Lite 日志信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information...
WordPress WP Fusion Lite Plugin <=3.42.10 is vulnerable to Sensitive Data Exposure
Software WP Fusion Lite Type Plugin Vulnerable versions =3.42.10 Fixed in 3.43.0 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-32796 Patch priority Low CVSS severity Low 4.3 Developer Very Good Plugins PSID 2a910a7e6c38 Credits Majed Refaea Required...
CVE-2024-27972
Improper Control of Generation of Code 'Code Injection' vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite.This issue affects WP Fusion Lite: from n/a through = 3.41.24...
CVE-2024-27972 WordPress WP Fusion Lite plugin <= 3.41.24 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite.This issue affects WP Fusion Lite: from n/a through = 3.41.24...
PT-2024-22178 · Very Good Plugins · Wp Fusion Lite
Name of the Vulnerable Software and Affected Versions: WP Fusion Lite versions 3.41.24 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. This vulnerability allows Command Injection in Very Good...
WordPress WP Fusion Lite Plugin <= 3.41.24 is vulnerable to Remote Code Execution (RCE)
Software WP Fusion Lite Type Plugin Vulnerable versions = 3.41.24 Fixed in 3.42.10 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-27972 Patch priority Medium CVSS severity Medium 9.9 Developer Very Good Plugins PSID 814e5262b633 Credits LVT-tholv2k Required...
VulnCheck KEV: CVE-2024-27972
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Very Good Plugins WP Fusion Lite allows Command Injection.This issue affects WP Fusion Lite: from n/a through 3.41.24...
CVE-2021-34660
The WP Fusion Lite WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the startdate parameter found in the /includes/admin/logging/class-log-table-list.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.37.18...
CVE-2021-34661
The WP Fusion Lite WordPress plugin is vulnerable to Cross-Site Request Forgery via the showlogssection function found in the /includes/admin/logging/class-log-handler.php file which allows attackers to drop all logs for the plugin, in versions up to and including 3.37.18...
Cross site scripting
The WP Fusion Lite WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the startdate parameter found in the /includes/admin/logging/class-log-table-list.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.37.18...
Cross site request forgery (csrf)
The WP Fusion Lite WordPress plugin is vulnerable to Cross-Site Request Forgery via the showlogssection function found in the /includes/admin/logging/class-log-handler.php file which allows attackers to drop all logs for the plugin, in versions up to and including 3.37.18...