42 matches found
EUVD-2022-34635
Malicious code in bioql PyPI...
EUVD-2022-34625
Malicious code in bioql PyPI...
CVE-2022-2367
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...
CVE-2022-2357
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
CVE-2021-39814
In ppmpvalidatewsm of drmfw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2013-5702
Multiple cross-site scripting XSS vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...
wsmpublicauctions.com Cross Site Scripting vulnerability OBB-3277052
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-2357
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
CVE-2022-2367
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...
CVE-2022-2357
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
CVE-2022-2367
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...
CVE-2022-2357
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
Design/Logic Flaw
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...
Remote file inclusion
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
CVE-2022-2367 WSM Downloader <= 1.4.0 - Domain Name Restriction Bypass
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation...
CVE-2022-2367
The CVE-2022-2367 entry concerns the WordPress plugin WSM Downloader (versions ≤ 1.4.0). The vulnerability arises from inadequate validation of the link parameter, allowing bypass of domain restrictions intended to limit which images/files can be downloaded. Affected component/file: WSM Downloade...
CVE-2022-2357
The CVE-2022-2357 entry concerns the WordPress WSM Downloader plugin (versions 1.4.0 and earlier). The vulnerability resides in the plugin’s remote file download feature, enabling unauthenticated access to download local files (including wp-config.php). This is an unauthenticated arbitrary-file-d...
CVE-2022-2357 WSM Downloader <= 1.4.0 - Unauthenticated Arbitrary File Download
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
WordPress Plugin WSM Downloader 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2022-16086 · WordPress · Wsm Downloader
Name of the Vulnerable Software and Affected Versions: WSM Downloader WordPress plugin versions 1.4.0 and earlier Description: The issue allows any visitor to use the remote file download feature of the WSM Downloader WordPress plugin to download local files, including sensitive ones like...