[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 248845 Download | Alert*

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Subscribe button plugin <=��1.3.7 versions.

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords an ...

Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin <=��1.3.7 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Oliver Schl��be Simple Yearly Archive plugin <=��2.1.8 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bernhard Kux JSON Content Importer plugin <=��1.3.15 versions.

The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possible for unauthenticated attackers to create a new user with administrator role via a forged request granted they can trick a site administrator into pe ...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Teubert Archivist ��� Custom Archive Templates plugin <=��1.7.4 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability��in Samuel Marshall JCH Optimize plugin <=��3.2.2 versions.

A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API.

A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured


Pages:      Start    14054    14055    14056    14057    14058    14059    14060    14061    14062    14063    14064    14065    14066    14067    ..   24884

© SecPod Technologies