[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256488

 
 

909

 
 

199193

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 254723 Download | Alert*

The Advanced Woo Search plugin version through 1.99 for Wordpress suffers from a sensitive information disclosure vulnerability in every ajax search request via the sql field to includes/class-aws-search.php.

Anchor 0.12.7 allows admins to cause XSS via crafted post content.

The responsive-add-ons plugin before 2.2.7 for WordPress has incorrect access control for wp-admin/admin-ajax.php?action= requests.

The users-customers-import-export-for-wp-woocommerce plugin before 1.3.9 for WordPress allows subscribers to import administrative accounts via CSV.

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS.

The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.

An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being f ...

Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. This occurs because Electron context isolation is not used, and therefore an attacker can conduct a prototype-pollution attack against the Electron internal messaging API.

A Denial of Service vulnerability has been identified in FlexNet Publisher's lmadmin.exe version 11.16.6. A certain message protocol can be exploited to cause lmadmin to crash.


Pages:      Start    13668    13669    13670    13671    13672    13673    13674    13675    13676    13677    13678    13679    13680    13681    ..   25472

© SecPod Technologies