EUVD-2024-43392

Malicious code in bioql PyPI...

CVE-2024-49329

Unrestricted Upload of File with Dangerous Type vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through = 1.0.0...

CVE-2024-49328

Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through = 1.0.0...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Vivektamrakar Wp_Rest_Api_Fns

CVE-2024-49328-exploit 🌟 Description: This script exploits...

CVE-2024-49329

Unrestricted Upload of File with Dangerous Type vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through = 1.0.0...

CVE-2024-49329

CVE-2024-49329 concerns the WP REST API FNS WordPress plugin (versions

CVE-2024-49328

Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through = 1.0.0...

CVE-2024-49328

CVE-2024-49328 is an authentication bypass vulnerability in the WP REST API FNS WordPress plugin, enabling account takeover. The issue affects WP REST API FNS versions from 1.0.0 and earlier, and is described consistently across sources (NVD, CVE, Red Hat). Connected documents corroborate: the vu...

WordPress WP REST API FNS Plugin <= 1.0.0 is vulnerable to Privilege Escalation

Software WP REST API FNS Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2024-49328 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID b5035012904a Credits stealthcopter Required privilege...

WordPress Rest Routes – Custom Endpoints for WP REST API Plugin < 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Rest Routes – Custom Endpoints for WP REST API Type Plugin Vulnerable versions 4.4.1 Fixed in 4.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d3ad1937efb Credits Raf...

WordPress Rest Routes – Custom Endpoints for WP REST API plugin <= 4.23.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Rest Routes – Custom Endpoints for WP REST API plugin versions = 4.23.0. Solution Update the WordPress Rest Routes – Custom Endpoints for WP REST API plugin to the latest available version at least 4.24.0...

WP REST API (WP API) <= 1.2.2 - Cross-Site Scripting (XSS)

Requests from other origins could potentially run code on the API domain, allowing cross-origin access to authentication cookies or similar...

WP REST API (WP API) <= 1.2 - Post Revision Disclosure

Unauthenticated users could access revisions of published and unpublished posts. Revisions are now only accessible to authenticated users with permission to edit the revision's post...