Vulnerability Summary for the Week of April 22, 2024 | CISA


Primary Vendor and Product | Published | CVSS Score | CVE ID | Source & Patch Info
    Description

10web — form_maker_by_10web_-_mobile-friendly_drag_&_drop_contact_form_builder | 2024-04-27 | 4.4 | CVE-2024-2258 | security@wordfence.com
    The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user’s display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

2day.sk,_webikon — superfaktura_woocommerce | 2024-04-24 | 6.4 | CVE-2024-32803 | audit@patchstack.com
    Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce. This issue affects SuperFaktura WooCommerce: from n/a through 1.40.3.

aazztech — post_slider | 2024-04-26 | 5.4 | CVE-2022-40975 | audit@patchstack.com
    Missing Authorization vulnerability in Aazztech Post Slider. This issue affects Post Slider: from n/a through 1.6.7.

accessally — popupally | 2024-04-26 | 5.9 | CVE-2024-33639 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in AccessAlly PopupAlly allows Stored XSS. This issue affects PopupAlly: from n/a through 2.1.1.

advancedcoding — comments_-_wpdiscuz | 2024-04-23 | 6.4 | CVE-2024-2477 | security@wordfence.com
    The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Alternative Text’ field of an uploaded image in all versions up to, and including, 7.6.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

alumnionline_web_services_llc — wp_ada_compliance_check_basic | 2024-04-24 | 4.3 | CVE-2024-32947 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in AlumniOnline Web Services LLC WP ADA Compliance Check Basic. This issue affects WP ADA Compliance Check Basic: from n/a through 3.1.3.

amd — amd_software:_adrenalin_edition_ | 2024-04-23 | 5.3 | CVE-2024-21972 | psirt@amd.com
    An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.

amd — amd_software:_adrenalin_edition_ | 2024-04-23 | 5.3 | CVE-2024-21979 | psirt@amd.com
    An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.

automattic — jetpack | 2024-04-24 | 5.4 | CVE-2023-47774 | audit@patchstack.com
    Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking. This issue affects Jetpack: from n/a before 12.7.

bdthemes — prime_slider_-_addons_for_elementor | 2024-04-22 | 4.3 | CVE-2024-32681 | audit@patchstack.com
    Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor. This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2.

bkav_corporation — bkav_home | 2024-04-23 | 5.5 | CVE-2024-2760 | help@fluidattacks.com
    Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys driver.

bloompixel — max_addons_pro_for_bricks | 2024-04-24 | 6.5 | CVE-2024-32951 | audit@patchstack.com
    Missing Authorization vulnerability in BloomPixel Max Addons Pro for Bricks. This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1.

bluenet_technology — clinical_browsing_system | 2024-04-27 | 6.3 | CVE-2024-4257 | cna@vuldb.com
    A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been classified as critical. This affects an unknown part of the file /xds/deleteStudy.php. The manipulation of the argument documentUniqueId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262149 was assigned to this vulnerability.

brijesh_kothari — smart_maintenance_mode | 2024-04-26 | 5.4 | CVE-2024-33638 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode. This issue affects Smart Maintenance Mode: from n/a through 1.4.4.

broadstreet_xpress — wordpress_ad_widget | 2024-04-26 | 5.9 | CVE-2024-33696 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Broadstreet XPRESS WordPress Ad Widget allows Stored XSS. This issue affects WordPress Ad Widget: from n/a through 2.20.0.

brocade — brocade_sannav | 2024-04-27 | 6.8 | CVE-2024-2859 | sirt@brocade.com
    By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account.

brocade — brocade_sannav | 2024-04-25 | 4.3 | CVE-2024-4159 | sirt@brocade.com
    Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information.

byron — gitoxide | 2024-04-26 | 6.4 | CVE-2024-32884 | security-advisories@github.com
    gitoxide is a pure Rust implementation of Git. `gix-transport` does not check the username part of a URL for text that the external `ssh` program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clone URL is used by an application whose current working directory contains a malicious file, arbitrary code execution occurs. This is related to the patched vulnerability GHSA-rrjw-j4m2-mf34, but appears less severe due to a greater attack complexity. This issue has been patched in versions 0.35.0, 0.42.0 and 0.62.0.

cbutlerjr — wp-members_membership_plugin | 2024-04-26 | 5.3 | CVE-2024-2920 | security@wordfence.com
    The WP-Members Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.4.9.3 due to the plugin uploading user supplied files to a publicly accessible directory in wp-content without any restrictions. This makes it possible for unauthenticated attackers to view files uploaded by other users which may contain sensitive information.

checkmk_gmbh — checkmk | 2024-04-24 | 5.9 | CVE-2024-28825 | security@checkmk.com
    Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing.

cisco — cisco_adaptive_security_appliance_(asa)_software | 2024-04-24 | 6 | CVE-2024-20358 | ykramarz@cisco.com
    A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root.

cisco — cisco_adaptive_security_appliance_(asa)_software | 2024-04-24 | 6 | CVE-2024-20359 | ykramarz@cisco.com
    A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

cisco — cisco_telepresence_management_suite_(tms) | 2024-04-24 | 5.4 | CVE-2023-20249 | ykramarz@cisco.com
    A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

clickcease — clickcease_click_fraud_protection | 2024-04-24 | 4.1 | CVE-2024-32078 | audit@patchstack.com
    URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Foliovision FV Flowplayer Video Player. This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212.

clickcease — clickcease_click_fraud_protection | 2024-04-26 | 4.3 | CVE-2024-33678 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in ClickCease ClickCease Click Fraud Protection. This issue affects ClickCease Click Fraud Protection: from n/a through 3.2.4.

code_tides — advanced_floating_content | 2024-04-24 | 5.9 | CVE-2024-32723 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Code Tides Advanced Floating Content allows Stored XSS. This issue affects Advanced Floating Content: from n/a through 1.2.5.

contemporary_controls — basrouter_bacnet_basrt-b | 2024-04-27 | 6.5 | CVE-2024-4292 | cna@vuldb.com
    A vulnerability classified as critical has been found in Contemporary Controls BASrouter BACnet BASRT-B 2.7.2. Affected is an unknown function of the component Device-Communication-Control Service. The manipulation with the input 55ff0500370015f30104025506110afb7519035d0841e4bece257b6acfc71f leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-262224. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

cookie_information_a/s — wp_gdpr_compliance | 2024-04-26 | 5.4 | CVE-2024-33682 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Compliance. This issue affects WP GDPR Compliance: from n/a through 2.0.23.

coschedule — headline_analyzer | 2024-04-24 | 4.3 | CVE-2024-32806 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule Headline Analyzer. This issue affects Headline Analyzer: from n/a through 1.3.3.

cozmoslabs — paid_member_subscriptions | 2024-04-24 | 4.3 | CVE-2024-32728 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions. This issue affects Paid Member Subscriptions: from n/a through 2.11.0.

creative_themes_hq — blocksy | 2024-04-25 | 6.5 | CVE-2024-32961 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Creative Themes HQ Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.0.33.

crocoblock — jetformbuilder | 2024-04-24 | 5.3 | CVE-2023-48763 | audit@patchstack.com
    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Crocoblock JetFormBuilder allows Code Injection. This issue affects JetFormBuilder: from n/a through 3.1.4.

cryout_creations — serious_slider | 2024-04-26 | 4.3 | CVE-2024-33650 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Cryout Creations Serious Slider. This issue affects Serious Slider: from n/a through 1.2.4.

culqi — culqi | 2024-04-24 | 4.9 | CVE-2024-32819 | audit@patchstack.com
    Server-Side Request Forgery (SSRF) vulnerability in Culqi. This issue affects Culqi: from n/a through 3.0.14.

cyanomiko — dcnnt-py | 2024-04-27 | 6.3 | CVE-2023-1000 | cna@vuldb.com
    A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has been classified as critical. Affected is the function main of the file dcnnt/plugins/notifications.py of the component Notification Handler. The manipulation leads to command injection. It is possible to launch the attack remotely. Upgrading to version 0.9.1 is able to address this issue. The patch is identified as b4021d784a97e25151a5353aa763a741e9a148f5. It is recommended to upgrade the affected component. VDB-262230 is the identifier assigned to this vulnerability.

daniel_powney — multi_rating | 2024-04-24 | 5.3 | CVE-2023-32127 | audit@patchstack.com
    Missing Authorization vulnerability in Daniel Powney Multi Rating allows Functionality Misuse. This issue affects Multi Rating: from n/a through 5.0.6.

dell — wyse_proprietary_os_(modern_thinos) | 2024-04-24 | 6.2 | CVE-2024-28963 | security_alert@emc.com
    Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability to read sensitive proxy settings information.

dfir-iris — iris-web | 2024-04-25 | 6.8 | CVE-2024-25624 | security-advisories@github.com
    Iris is a web collaborative platform aiming to help incident responders share technical details during investigations. Due to an improper setup of the Jinja2 environment, report generation in `iris-web` is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability can lead to arbitrary Remote Code Execution. An authenticated administrator has to upload a crafted report template containing the payload. Upon generation of a report based on the weaponized template, any user can trigger the vulnerability. The vulnerability is patched in IRIS v2.4.6. No workaround is available. It is recommended to update as soon as possible. Until patching, review the report templates and keep the administrative privileges that include the upload of report templates limited to dedicated users.

e4j_s.r.l. — vikrentcar | 2024-04-24 | 5.9 | CVE-2024-32780 | audit@patchstack.com
    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in E4J s.R.L. VikRentCar. This issue affects VikRentCar: from n/a through 1.3.2.

ekojr — advanced_post_list | 2024-04-26 | 5.9 | CVE-2024-33642 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in EkoJR Advanced Post List allows Stored XSS. This issue affects Advanced Post List: from n/a through 0.5.6.1.

element-hq — synapse | 2024-04-23 | 6.5 | CVE-2024-31208 | security-advisories@github.com
    Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected. Server administrators should upgrade to 1.105.1 or later. Some workarounds are available. One can ban the malicious users or ACL block servers from the rooms and/or leave the room and purge the room using the admin API.

elespare — elespare_-_blog_magazine_and_newspaper_addons_for_elementor_with_templates_widgets_kits,_and_header/footer_builder._one_click_import:_no_coding_required | 2024-04-23 | 4.3 | CVE-2024-0900 | security@wordfence.com
    The Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Click Import: No Coding Skills Required! plugin for WordPress is vulnerable to unauthorized post creation due to a missing capability check on the elespare_create_post() function hooked via AJAX in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary posts.

essential_addons — essential_addons_for_elementor_pro | 2024-04-22 | 6.4 | CVE-2024-3645 | security@wordfence.com
    The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Counter widget in all versions up to, and including, 5.8.11 due to insufficient input sanitization and output escaping on user supplied attributes such as ‘title_html_tag’. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

extend_themes — teluro | 2024-04-26 | 4.3 | CVE-2024-33688 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro. This issue affects Teluro: from n/a through 1.0.31.

fahad_mahmood — rss_feed_widget | 2024-04-22 | 5.9 | CVE-2024-32690 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Fahad Mahmood RSS Feed Widget allows Stored XSS. This issue affects RSS Feed Widget: from n/a through 2.9.7.

famethemes — fametheme_demo_importer | 2024-04-26 | 4.3 | CVE-2024-33679 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameTheme Demo Importer. This issue affects FameTheme Demo Importer: from n/a through 1.1.5.

feedbackwp — rate_my_post_-_wp_rating_system | 2024-04-24 | 5.3 | CVE-2024-32823 | audit@patchstack.com
    Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System. This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4.

foliovision — fv_flowplayer_video_player | 2024-04-24 | 4.9 | CVE-2024-32955 | audit@patchstack.com
    Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player. This issue affects FV Flowplayer Video Player: from n/a through 7.5.43.7212.

formassembly_/_drew_buschhorn — wp-formassembly | 2024-04-24 | 6.5 | CVE-2022-45852 | audit@patchstack.com
    Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal. This issue affects WP-FormAssembly: from n/a through 2.0.5.

fr-d-ric_gilles — fg_joomla_to_wordpress | 2024-04-24 | 5.3 | CVE-2024-32788 | audit@patchstack.com
    Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Joomla to WordPress. This issue affects FG Joomla to WordPress: from n/a through 4.20.2.

ghozylab — image_slider_widget | 2024-04-24 | 5.9 | CVE-2024-32707 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in GhozyLab Image Slider Widget allows Stored XSS. This issue affects Image Slider Widget: from n/a through 1.1.125.

gitlab — gitlab | 2024-04-25 | 4.3 | CVE-2024-1347 | cve@gitlab.com
    An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker through a crafted email address may be able to bypass domain based restrictions on an instance or a group.

gitlab — gitlab | 2024-04-25 | 4.3 | CVE-2024-4006 | cve@gitlab.com
    An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions.

gohugoio — hugo | 2024-04-23 | 6.1 | CVE-2024-32875 | security-advisories@github.com
    Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images are not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The issue is patched in v0.125.3. As a workaround, replace the templates with user defined templates or disable the internal templates.

grassroot_dicom — grassroot_dicom | 2024-04-25 | 6.5 | CVE-2024-25569 | talos-cna@cisco.com
    An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.

gt3themes — photo_gallery_-_gt3_image_gallery_&_gutenberg_block_gallery | 2024-04-25 | 6.4 | CVE-2024-4035 | security@wordfence.com
    The Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.7.7.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

hasthemes — ht_mega | 2024-04-24 | 4.3 | CVE-2024-32782 | audit@patchstack.com
    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HasThemes HT Mega. This issue affects HT Mega: from n/a through 2.4.7.

helloasso — helloasso | 2024-04-22 | 6.5 | CVE-2024-32697 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in HelloAsso allows Stored XSS. This issue affects HelloAsso: from n/a through 1.1.5.

hinjiriyo — quick_featured_images | 2024-04-23 | 4.3 | CVE-2024-3664 | security@wordfence.com
    The Quick Featured Images plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the set_thumbnail and delete_thumbnail functions in all versions up to, and including, 13.7.0. This makes it possible for authenticated attackers, with contributor-level access and above, to delete thumbnails and add thumbnails to posts they did not author.

hitachi — hitachi_ops_center_administrator | 2024-04-23 | 4.4 | CVE-2023-6833 | hirt@hitachi.co.jp
    Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information. This issue affects Hitachi Ops Center Administrator: before 11.0.1.

holded — holded | 2024-04-22 | 4.6 | CVE-2024-4026 | cve-coordination@incibe.es
    Cross-Site Scripting (XSS) vulnerability in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within all editable parameters within the ‘General’ and ‘Team ID’ functionalities, which could result in a session takeover.

honojs — hono | 2024-04-23 | 5.3 | CVE-2024-32869 | security-advisories@github.com
    Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.2.7, when using serveStatic with deno, it is possible to traverse the directory where `main.ts` is located. This can result in retrieval of unexpected files. Version 4.2.7 contains a patch for the issue.

hyperion — hyperion_web_server | 2024-04-25 | 5.4 | CVE-2024-4174 | cve-coordination@incibe.es
    Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affecting version 2.0.15. This vulnerability could allow an attacker to execute malicious Javascript code on the client by injecting that code into the URL.

hyperion — hyperion_web_server | 2024-04-25 | 5.4 | CVE-2024-4175 | cve-coordination@incibe.es
    Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerability could allow an attacker to send a malicious payload with Unicode characters that will be replaced by ASCII characters.

ibm — qradar_suite_software | 2024-04-23 | 5.4 | CVE-2023-47731 | psirt@us.ibm.com
    IBM QRadar Suite Software 1.10.12.0 through 1.10.19.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 272203.

ibm — websphere_application_server | 2024-04-25 | 5.9 | CVE-2024-25026 | psirt@us.ibm.com
    IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 281516.

implecode — reviews_plus | 2024-04-26 | 4.3 | CVE-2024-32822 | audit@patchstack.com
    Missing Authorization vulnerability in impleCode Reviews Plus. This issue affects Reviews Plus: from n/a through 1.3.4.

jegstudio — financio | 2024-04-26 | 4.3 | CVE-2024-33690 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Jegstudio Financio. This issue affects Financio: from n/a through 1.1.3.

jegtheme — jeg_elementor_kit | 2024-04-24 | 6.5 | CVE-2024-32721 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS. This issue affects Jeg Elementor Kit: from n/a through 2.6.3.

jeroen_peters — all-in-one_like_widget | 2024-04-24 | 5.9 | CVE-2024-32815 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jeroen Peters All-in-one Like Widget allows Stored XSS. This issue affects All-in-one Like Widget: from n/a through 2.2.7.

kashipara — online_furniture_shopping_ecommerce_website | 2024-04-23 | 6.3 | CVE-2024-4069 | cna@vuldb.com
    A vulnerability, which was classified as critical, was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. This affects an unknown part of the file search.php. The manipulation of the argument txtSearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261795.

kashipara — online_furniture_shopping_ecommerce_website | 2024-04-23 | 6.3 | CVE-2024-4070 | cna@vuldb.com
    A vulnerability has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file prodList.php. The manipulation of the argument prodType leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261796.

kashipara — online_furniture_shopping_ecommerce_website | 2024-04-23 | 6.3 | CVE-2024-4071 | cna@vuldb.com
    A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical. This issue affects some unknown processing of the file prodInfo.php. The manipulation of the argument prodId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261797 was assigned to this vulnerability.

keenetic — kn-1010 | 2024-04-21 | 5.3 | CVE-2024-4021 | cna@vuldb.com
    A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /ndmComponents.js of the component Configuration Setting Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261673 was assigned to this vulnerability. NOTE: The vendor is aware of this issue and plans to fix it by the end of 2024.

keenetic — kn-1010 | 2024-04-21 | 5.3 | CVE-2024-4022 | cna@vuldb.com
    A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261674 is the identifier assigned to this vulnerability. NOTE: The vendor is aware of this issue and plans to fix it by the end of 2024.

leap13 — premium_addons_for_elementor | 2024-04-24 | 6.5 | CVE-2024-32791 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS. This issue affects Premium Addons for Elementor: from n/a through 4.10.25.

leevio — happy_addons_for_elementor | 2024-04-22 | 6.5 | CVE-2024-32698 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Leevio Happy Addons for Elementor allows Stored XSS. This issue affects Happy Addons for Elementor: from n/a through 3.10.4.

live_composer_team — page_builder:_live_composer | 2024-04-26 | 4.7 | CVE-2024-32957 | audit@patchstack.com
    Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer. This issue affects Page Builder: Live Composer: from n/a through 1.5.38.

loginpress — loginpress_pro | 2024-04-24 | 6.5 | CVE-2024-32677 | audit@patchstack.com
    Missing Authorization vulnerability in LoginPress LoginPress Pro. This issue affects LoginPress Pro: from n/a before 3.0.0.

loginpress — loginpress_pro | 2024-04-25 | 5.3 | CVE-2024-32676 | audit@patchstack.com
    Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro. This issue affects LoginPress Pro: from n/a before 3.0.0.

logitech — mevo_webcam_app | 2024-04-23 | 4.4 | CVE-2024-4031 | cve-coordination@logitech.com
    Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code.

long_watch_studio — myrewards | 2024-04-22 | 6.5 | CVE-2024-32688 | audit@patchstack.com
    Missing Authorization vulnerability in Long Watch Studio MyRewards. This issue affects MyRewards: from n/a through 5.3.0.

magazine3 — schema_&_structured_data_for_wp_&_amp | 2024-04-23 | 6.4 | CVE-2024-3491 | security@wordfence.com
    The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s “How To” and “FAQ” Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

mainwp — mainwp_child_reports | 2024-04-26 | 5.4 | CVE-2024-33680 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports. This issue affects MainWP Child Reports: from n/a through 2.1.1.

mattermost — mattermost | 2024-04-26 | 4.3 | CVE-2024-32046 | responsibledisclosure@mattermost.com
    Mattermost versions 9.6.x <= 9.6.0, 9.5.x <= 9.5.2, 9.4.x <= 9.4.4 and 8.1.x <= 8.1.11 fail to remove detailed error messages in API requests even if the developer mode is off, which allows an attacker to get information about the server such as the full path where files are stored.

mattermost — mattermost | 2024-04-26 | 4.3 | CVE-2024-4182 | responsibledisclosure@mattermost.com
    Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values, which allows an authenticated attacker to crash other users’ web clients via a malformed custom status.

mattermost — mattermost | 2024-04-26 | 4.3 | CVE-2024-4183 | responsibledisclosure@mattermost.com
    Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated attacker to crash the server via repeated requests to the getSessions API after flooding the sessions table.

matthew_fries — mf_gig_calendar_ | 2024-04-26 | 5.4 | CVE-2024-33651 | audit@patchstack.com
    Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar. This issue affects MF Gig Calendar: from n/a through 1.2.1.

meks — meks_smart_social_widget | 2024-04-26 | 5.9 | CVE-2024-33693 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Meks Meks Smart Social Widget allows Stored XSS. This issue affects Meks Smart Social Widget: from n/a through 1.6.4.

meks — meks_themeforest_smart_widget | 2024-04-26 | 5.9 | CVE-2024-33694 | audit@patchstack.com
    Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Meks Meks ThemeForest Smart Widget allows Stored XSS. This issue affects Meks ThemeForest Smart Widget: from n/a through 1.5.

metagauss — profilegrid_ | 2024-04-24 | 5.4 | CVE-2024-32808 | audit@patchstack.com
    Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid. This issue affects ProfileGrid: from n/a through 5.7.9.

metagauss — profilegrid_ | 2024-04-24 | 4.3 | CVE-2024-32772
    Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid. This issue affects ProfileGrid: from n/a through 5.7.9.
audit@patchstack.com metagauss — registrationmagic Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2. 2024-04-24 5.3 CVE-2023-23989
audit@patchstack.com metersphere — metersphere MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue. 2024-04-25 5.7 CVE-2024-32467
security-advisories@github.com monsterinsights — google_analytics_by_monster_insights Missing Authorization vulnerability in MonsterInsights Google Analytics by Monster Insights.This issue affects Google Analytics by Monster Insights: from n/a through 8.21.0. 2024-04-25 4.3 CVE-2023-52220
audit@patchstack.com mra13 — simple_membership The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘swpm_paypal_subscription_cancel_link’ shortcode in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-04-25 5.4 CVE-2024-3730
security@wordfence.com
security@wordfence.com mycred — mycred Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.6.3. 2024-04-24 6.5 CVE-2024-32711
audit@patchstack.com n/a — coupon_&_discount_code_reveal_button Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a through 1.2.5. 2024-04-24 5.9 CVE-2024-32722
audit@patchstack.com n/a — idccms A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vulnerability is an unknown functionality of the file /admin/admin_cl.php?mudi=revPwd. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261991. 2024-04-25 4.3 CVE-2024-4172
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com n/a — import_and_export_users_and_customers Deserialization of Untrusted Data vulnerability in Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.2. 2024-04-24 4.4 CVE-2024-32817
audit@patchstack.com nick_halsey — list_custom_taxonomy_widget Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Nick Halsey List Custom Taxonomy Widget allows Stored XSS.This issue affects List Custom Taxonomy Widget: from n/a through 4.1. 2024-04-24 5.9 CVE-2024-32833
audit@patchstack.com nixos — hydra Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. The abused feature allows Nix builds to specify files that Hydra serves to clients. One use of this functionality is serving NixOS `.iso` files. The issue is only with html files served by Hydra. The issue has been patched on https://hydra.nixos.org around 2024-04-21 14:30 UTC. The nixpkgs package were fixed in unstable and 23.11. Users with custom Hydra packages can apply the fix commit to their local installations. The vulnerability is only triggered when opening HTML build artifacts, so not opening them until the vulnerability is fixed works around the issue. 2024-04-22 4.6 CVE-2024-32657
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com octolize — flexible_shipping Missing Authorization vulnerability in Octolize Flexible Shipping.This issue affects Flexible Shipping: from n/a through 4.24.15. 2024-04-26 4.3 CVE-2024-32828
audit@patchstack.com optinmonster_popup_builder_team — optinmonster Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster.This issue affects OptinMonster: from n/a through 2.15.3. 2024-04-26 4.3 CVE-2024-33691
audit@patchstack.com ovic_team — ovic_addon_toolkit Missing Authorization vulnerability in Ovic Team Ovic Addon Toolkit.This issue affects Ovic Addon Toolkit: from n/a through 2.6.1. 2024-04-24 4.3 CVE-2024-32432
audit@patchstack.com paid_memberships_pro — paid_memberships_pro Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. 2024-04-24 5.4 CVE-2024-32793
audit@patchstack.com paid_memberships_pro — paid_memberships_pro Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. 2024-04-24 4.3 CVE-2024-32794
audit@patchstack.com paoltaia — geodirectory_-_wordpress_business_directory_plugin_or_classified_directory The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘gd_single_tabs’ shortcode in all versions up to, and including, 2.3.48 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-04-23 6.4 CVE-2024-3732
security@wordfence.com
security@wordfence.com pavex — embed_google_photos_album Server-Side Request Forgery (SSRF) vulnerability in Pavex Embed Google Photos album.This issue affects Embed Google Photos album: from n/a through 2.1.9. 2024-04-24 4.9 CVE-2024-32775
audit@patchstack.com phpgurukul — doctor_appointment_management_system A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/view-appointment-detail.php. The manipulation of the argument editid leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-262226 is the identifier assigned to this vulnerability. 2024-04-27 6.3 CVE-2024-4294
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com podlove — podlove_podcast_publisher Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.11. 2024-04-24 5.4 CVE-2024-32812
audit@patchstack.com pr-gateway — blog2social:_social_media_auto_post_&_scheduler The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.4.2. This makes it possible for unauthenticated attackers to view limited information from password protected posts. 2024-04-26 5.3 CVE-2024-3678
security@wordfence.com
security@wordfence.com
security@wordfence.com pt-guy — content_views_-_post_grid_&_filter,_recent_posts,_category_posts,_&_more_(gutenberg_blocks_and_shortcode) The Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Widget Post Overlay block in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-04-25 6.4 CVE-2024-3929
security@wordfence.com
security@wordfence.com python-social-auth — social-app-django Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field. 2024-04-24 4.9 CVE-2024-32879
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com qnap_systems_inc. — qts An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later 2024-04-26 6.5 CVE-2024-21905
security@qnapsecurity.com.tw qnap_systems_inc. — qts A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later 2024-04-26 5 CVE-2023-50361
security@qnapsecurity.com.tw qnap_systems_inc. — qts A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later 2024-04-26 5 CVE-2023-50362
security@qnapsecurity.com.tw qnap_systems_inc. — qts A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later 2024-04-26 5.5 CVE-2023-50364
security@qnapsecurity.com.tw qnap_systems_inc. — qufirewall A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: QuFirewall 2.4.1 ( 2024/02/01 ) and later 2024-04-26 5.5 CVE-2023-41291
security@qnapsecurity.com.tw qnap_systems_inc. — qufirewall A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: QuFirewall 2.4.1 ( 2024/02/01 ) and later 2024-04-26 4.1 CVE-2023-41290
security@qnapsecurity.com.tw qodeinteractive — qi_addons_for_elementor The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget’s attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-04-27 6.4 CVE-2024-3309
security@wordfence.com
security@wordfence.com quantumcloud — infographic_maker_-_ilist Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6. 2024-04-22 6.5 CVE-2024-32696
audit@patchstack.com rankmath — rank_math_seo_with_ai_best_seo_tools The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s HowTo and FAQ widgets in all versions up to, and including, 1.0.216 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-04-23 6.4 CVE-2024-3665
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com rapid7 — insight_agent A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with the logging.json file to use that key to authenticate to the platform with high privileges. This was fixed in the Rapid7 platform starting 3 April 2024 via the introduction of a restricted role and the removal of automatic API key generation on installation of an agent. 2024-04-23 6.8 CVE-2024-3185
cve@rapid7.com realmag777 — active_products_tables_for_woocommerce Missing Authorization vulnerability in realmag777 Active Products Tables for WooCommerce.This issue affects Active Products Tables for WooCommerce: from n/a through 1.0.6.2. 2024-04-22 5.3 CVE-2024-32691
audit@patchstack.com red_hat — logging_subsystem_for_red_hat_openshift A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching. 2024-04-25 5.3 CVE-2024-0874
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_keycloak A vulnerability was found in jberet-core logging. An exception in ‘dbProperties’ might display user credentials such as the username and password for the database-connection. 2024-04-25 6.5 CVE-2024-1102
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_keycloak_22 A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance. 2024-04-25 6 CVE-2023-6717
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_keycloak_22 A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter “prompt=login,” prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting “Restart login,” an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session. 2024-04-25 6.5 CVE-2023-6787
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_keycloak_22 A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication. 2024-04-25 5 CVE-2023-3597
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_keycloak_22 A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity. 2024-04-25 5.3 CVE-2023-6484
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_keycloak_22 A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized. 2024-04-25 5.4 CVE-2023-6544
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_quarkus_2.13.9.final A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either ‘quarkus.security.jaxrs.deny-unannotated-endpoints’ or ‘quarkus.security.jaxrs.default-roles-allowed’ properties. 2024-04-25 6.5 CVE-2023-5675
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_build_of_quarkus_3.2.11.final A flaw was discovered in the RESTEasy Reactive implementation in Quarkus. Due to security checks for some JAX-RS endpoints being performed after serialization, more processing resources are consumed while the HTTP request is checked. In certain configurations, if an attacker has knowledge of any POST, PUT, or PATCH request paths, they can potentially identify vulnerable endpoints and trigger excessive resource usage as the endpoints process the requests. This can result in a denial of service. 2024-04-25 5.3 CVE-2024-1726
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_enterprise_linux_6 A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode. 2024-04-25 5.9 CVE-2024-2467
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_enterprise_linux_8 A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access. 2024-04-25 6.2 CVE-2024-2905
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com red_hat — red_hat_trusted_profile_analyzer A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform this verification, the uploaded file must first be decompressed. 2024-04-25 4.3 CVE-2024-3508
secalert@redhat.com
secalert@redhat.com renehermi — wp_staging_wordpress_backup_plugin_-_migration_backup_restore The WP STAGING and WP STAGING Pro plugins for WordPress are vulnerable to Sensitive Information Exposure in versions up to, and including, 3.4.3, and versions up to, and including, 5.4.3, respectively, via the ajaxSendReport function. This makes it possible for unauthenticated attackers to extract sensitive data from a log file, including system information and (in the Pro version) license keys. Successful exploitation requires an administrator to have used the ‘Contact Us’ functionality along with the “Enable this option to automatically submit the log files.” option. 2024-04-26 5.3 CVE-2024-3682
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com renzo_johnson — contact_form_7_extension_for_mailchimp Cross-Site Request Forgery (CSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70. 2024-04-26 4.3 CVE-2024-33677
audit@patchstack.com repute_infosystems — bookingpress Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BookingPress: from n/a through 1.0.74. 2024-04-24 5.3 CVE-2023-51405
audit@patchstack.com revmakx — wpcal.io_-_easy_meeting_scheduler Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io – Easy Meeting Scheduler.This issue affects WPCal.Io – Easy Meeting Scheduler: from n/a through 0.9.5.8. 2024-04-24 4.3 CVE-2024-32795
audit@patchstack.com rimes_gold — cf7_file_download_-_file_download_for_cf7 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Rimes Gold CF7 File Download – File Download for CF7 allows Stored XSS.This issue affects CF7 File Download – File Download for CF7: from n/a through 2.0. 2024-04-26 5.9 CVE-2024-33697
audit@patchstack.com rometheme — romethemekit_for_elementor Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Rometheme RomethemeKit For Elementor allows Stored XSS.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1. 2024-04-24 6.5 CVE-2024-32956
audit@patchstack.com ruijie — rg-uac A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262145 was assigned to this vulnerability. 2024-04-27 4.7 CVE-2024-4255
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com satrya — smart_recent_posts_widget Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3. 2024-04-26 5.9 CVE-2024-33692
audit@patchstack.com sayful_islam — filterable_portfolio Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Sayful Islam Filterable Portfolio allows Stored XSS.This issue affects Filterable Portfolio: from n/a through 1.6.4. 2024-04-26 5.9 CVE-2024-4234
audit@patchstack.com shaonsina — sina_extension_for_elementor_(slider_gallery_form_modal_data_table_tab_particle_free_elementor_widgets_&_elementor_templates) The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Sina Fancy Text Widget in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-04-25 6.4 CVE-2024-3988
security@wordfence.com
security@wordfence.com
security@wordfence.com shapedplugin — widget_post_slider Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ShapedPlugin Widget Post Slider allows Stored XSS.This issue affects Widget Post Slider: from n/a through 1.3.5. 2024-04-24 5.9 CVE-2024-32801
audit@patchstack.com shared_files_pro — shared_files Missing Authorization vulnerability in Shared Files PRO Shared Files.This issue affects Shared Files: from n/a through 1.7.16. 2024-04-23 5.3 CVE-2024-32679
audit@patchstack.com shoaib_saleem — wp_post_rating Missing Authorization vulnerability in Shoaib Saleem WP Post Rating allows Functionality Misuse.This issue affects WP Post Rating: from n/a through 2.5. 2024-04-24 5.3 CVE-2023-25785
audit@patchstack.com sidekiq — sidekiq Sidekiq is simple, efficient background processing for Ruby. Sidekiq is reflected XSS vulnerability. The value of substr parameter is reflected in the response without any encoding, allowing an attacker to inject Javascript code into the response of the application. An attacker could exploit it to target users of the Sidekiq Web UI. Moreover, if other applications are deployed on the same domain or website as Sidekiq, users of those applications could also be affected, leading to a broader scope of compromise. Potentially compromising their accounts, forcing the users to perform sensitive actions, stealing sensitive data, performing CORS attacks, defacement of the web application, etc. This issue has been patched in version 7.2.4. 2024-04-26 5.5 CVE-2024-32887
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com skylot — jadx jadx is a Dex to Java decompiler. Prior to version 1.5.0, the package name is not filtered before concatenation. This can be exploited to inject arbitrary code into the package name. The vulnerability allows an attacker to execute commands with shell privileges. Version 1.5.0 contains a patch for the vulnerability. 2024-04-22 6.1 CVE-2024-32653
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com softlab — radio_player Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. 2024-04-25 5.4 CVE-2024-33592
audit@patchstack.com sourcecodester — simple_subscription_website A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261822 is the identifier assigned to this vulnerability. 2024-04-24 6.3 CVE-2024-4093
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com streamweasels — streamweasels_twitch_integration Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StreamWeasels StreamWeasels Twitch Integration.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.8. 2024-04-24 5.3 CVE-2024-32716
audit@patchstack.com supsystic — data_tables_generator_by_supsystic Missing Authorization vulnerability in Supsystic Data Tables Generator by Supsystic.This issue affects Data Tables Generator by Supsystic: from n/a through 1.10.31. 2024-04-26 4.3 CVE-2024-32829
audit@patchstack.com techlabpro1 — classified_listing_-_classified_ads_&_business_directory_plugin The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtcl_fb_gallery_image_delete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachements. 2024-04-25 5.3 CVE-2024-3893
security@wordfence.com

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| thehappymonster -- happy_addons_for_elementor | The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Calendly widget in all versions up to, and including, 3.10.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2024-04-26 | 6.4 | CVE-2024-3890 (security@wordfence.com) |
| themencode -- fan_page_widget_by_themencode | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode Fan Page Widget by ThemeNcode allows Stored XSS. This issue affects Fan Page Widget by ThemeNcode: from n/a through 2.0. | 2024-04-26 | 5.9 | CVE-2024-33695 (audit@patchstack.com) |
| themeum -- tutor_lms_-_elearning_and_online_course_solution | The Tutor LMS - eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tutor_instructor_list' shortcode in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2024-04-25 | 5.4 | CVE-2024-3994 (security@wordfence.com) |
| tony_zeoli,_tony_hayes -- radio_station | Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli, Tony Hayes Radio Station. This issue affects Radio Station: from n/a through 2.5.7. | 2024-04-26 | 4.3 | CVE-2024-33689 (audit@patchstack.com) |
| trackship -- trackship_for_woocommerce | Missing Authorization vulnerability in TrackShip TrackShip for WooCommerce. This issue affects TrackShip for WooCommerce: from n/a through 1.7.5. | 2024-04-24 | 5.3 | CVE-2024-32678 (audit@patchstack.com) |
| twinpictures -- annual_archive | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS. This issue affects Annual Archive: from n/a through 1.6.0. | 2024-04-26 | 5.9 | CVE-2024-33598 (audit@patchstack.com) |
| umbraco -- umbraco.workflow.issues | Umbraco Workflow provides workflows for the Umbraco content management system. Prior to versions 10.3.9, 12.2.6, and 13.0.6, an Umbraco Backoffice user can modify requests to a particular API endpoint to include SQL, which will be executed by the server. Umbraco Workflow versions 10.3.9, 12.2.6, 13.0.6, as well as Umbraco Plumber version 10.1.2, contain a patch for this issue. | 2024-04-24 | 5.5 | CVE-2024-32872 (security-advisories@github.com) |
| vektor,inc. -- vk_block_patterns | Missing Authorization vulnerability in Vektor,Inc. VK Block Patterns. This issue affects VK Block Patterns: from n/a through 1.31.0. | 2024-04-26 | 5.3 | CVE-2024-32826 (audit@patchstack.com) |
| very_good_plugins -- wp_fusion_lite | Insertion of Sensitive Information into Log File vulnerability in Very Good Plugins WP Fusion Lite. This issue affects WP Fusion Lite: from n/a through 3.42.10. | 2024-04-24 | 4.3 | CVE-2024-32796 (audit@patchstack.com) |
| vyperlang -- vyper | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a `range` of the form `range(start, start + N)`, if `start` is negative, the execution will always revert. This issue is caused by an incorrect assertion inserted by the code generation of the range `stmt.parse_For_range()`. The issue arises when `start` is signed: instead of using `sle`, `le` is used and `start` is interpreted as an unsigned integer for the comparison. If it is a negative number, its 255th bit is set to `1` and it is hence interpreted as a very large unsigned integer, making the assertion always fail. Any contract having a `range(start, start + N)` where `start` is a signed integer with the possibility for `start` to be negative is affected. If a call goes through the loop while supplying a negative `start`, the execution will revert. Version 0.4.0b1 fixes the issue. | 2024-04-25 | 5.3 | CVE-2024-32481 (security-advisories@github.com) |
| vyperlang -- vyper | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when the `raw_log` builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in production. The `build_IR` function of the `RawLog` class fails to properly unwrap the variables provided as topics. Consequently, incorrect values are logged as topics. As of time of publication, no fixed version is available. | 2024-04-25 | 5.3 | CVE-2024-32645 (security-advisories@github.com) |
| vyperlang -- vyper | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `slice` builtin can result in a double eval vulnerability when the buffer argument is either `msg.data`, `self.code` or `<address>.code` and either the `start` or `length` arguments have side-effects. It can be easily triggered only with the versions `<0.3.4`, as `0.3.4` introduced the unique symbol fence. No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available. | 2024-04-25 | 5.3 | CVE-2024-32646 (security-advisories@github.com) |
| vyperlang -- vyper | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `create_from_blueprint` builtin can result in a double eval vulnerability when `raw_args=True` and the `args` argument has side-effects. It can be seen that the `_build_create_IR` function of the `create_from_blueprint` builtin doesn't cache the mentioned `args` argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions exist. | 2024-04-25 | 5.3 | CVE-2024-32647 (security-advisories@github.com) |
| vyperlang -- vyper | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn't emitted. No vulnerable production contracts were found. Additionally, using a lock on a `default` function is a very sparsely used pattern. As such, the impact is low. Version 0.3.0 contains a patch for the issue. | 2024-04-25 | 5.3 | CVE-2024-32648 (security-advisories@github.com) |
| vyperlang -- vyper | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in a double eval vulnerability when the argument has side-effects. It can be seen that the `build_IR` function of the `sqrt` builtin doesn't cache the argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available. | 2024-04-25 | 5.3 | CVE-2024-32649 (security-advisories@github.com) |
| watchdog -- watchdog_antivirus | Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002014 IOCTL code of the wsdk-driver.sys driver. | 2024-04-23 | 5.5 | CVE-2024-1241 (help@fluidattacks.com) |
| webangon -- the_pack_elementor_addons | Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor. This issue affects The Pack Elementor addons: from n/a through 2.0.8.2. | 2024-04-24 | 4.9 | CVE-2024-32718 (audit@patchstack.com) |
| webtoffee -- import_export_wordpress_users | Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users. This issue affects Import Export WordPress Users: from n/a through 2.5.3. | 2024-04-24 | 5.4 | CVE-2024-32835 (audit@patchstack.com) |
| webtoffee -- woocommerce_shipping_label | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS. This issue affects WooCommerce Shipping Label: from n/a through 2.3.8. | 2024-04-24 | 5.9 | CVE-2024-32834 (audit@patchstack.com) |
| welotec -- smart_ems | An unauthenticated remote attacker can deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames. | 2024-04-23 | 6.5 | CVE-2024-3911 (info@cert.vde.com) |
| wp_republic -- hide_dashboard_notifications | Cross-Site Request Forgery (CSRF) vulnerability in WP Republic Hide Dashboard Notifications. This issue affects Hide Dashboard Notifications: from n/a through 1.2.3. | 2024-04-26 | 4.3 | CVE-2024-33683 (audit@patchstack.com) |
| wp_royal -- royal_elementor_kit | Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elementor Kit. This issue affects Royal Elementor Kit: from n/a through 1.0.116. | 2024-04-24 | 4.3 | CVE-2024-32773 (audit@patchstack.com) |
| wpclever -- wpc_composite_products_for_woocommerce | The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the ajax_save_components function. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2024-04-27 | 6.4 | CVE-2024-2838 (security@wordfence.com) |
| wpclever -- wpc_frequently_bought_together_for_woocommerce | Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce. This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.0.3. | 2024-04-22 | 4.3 | CVE-2024-32687 (audit@patchstack.com) |
| wpdevteam -- essential_addons_for_elementor_-_best_elementor_templates,_widgets,_kits_&_woocommerce_builders | The Essential Addons for Elementor - Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more(), eael_woo_pagination_product_ajax(), and ajax_eael_product_gallery() functions. This makes it possible for unauthenticated attackers to extract posts that may be in private or draft status. | 2024-04-25 | 5.3 | CVE-2024-3733 (security@wordfence.com) |
| wpmet -- wp_ultimate_review | Missing Authorization vulnerability in Wpmet Wp Ultimate Review. This issue affects Wp Ultimate Review: from n/a through 2.2.5. | 2024-04-22 | 5.3 | CVE-2024-32684 (audit@patchstack.com) |
| wproyal -- royal_elementor_addons_and_templates | The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget containers in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2024-04-23 | 6.5 | CVE-2024-2798 (security@wordfence.com) |
| wproyal -- royal_elementor_addons_and_templates | The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid & Advanced Text widget HTML tags in all versions up to, and including, 1.3.96 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2024-04-23 | 6.4 | CVE-2024-2799 (security@wordfence.com) |
| wproyal -- royal_elementor_addons_and_templates | The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Accordion widget in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping on user supplied attributes like 'accordion_title_tag'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2024-04-23 | 6.4 | CVE-2024-3889 (security@wordfence.com) |
| xfinity_soft -- order_limit_for_woocommerce | Missing Authorization vulnerability in Xfinity Soft Order Limit for WooCommerce. This issue affects Order Limit for WooCommerce: from n/a through 2.0.0. | 2024-04-24 | 6.5 | CVE-2024-32675 (audit@patchstack.com) |
| xtemos -- woodmart | Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS). This issue affects WoodMart: from n/a through 7.0.4. | 2024-04-24 | 5.3 | CVE-2023-25790 (audit@patchstack.com) |
| yith -- yith_woocommerce_compare | Cross-Site Request Forgery (CSRF) vulnerability in YITH YITH WooCommerce Compare. This issue affects YITH WooCommerce Compare: from n/a through 2.37.0. | 2024-04-24 | 4.3 | CVE-2024-32699 (audit@patchstack.com) |
| zitadel -- zitadel | ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `Lockout Policy` with a maximum amount of failed password check attempts, there was no such mechanism for (T)OTP checks. This issue has been patched in version 2.50.0. | 2024-04-26 | 6.5 | CVE-2024-32868 (security-advisories@github.com) |
| N/A -- N/A | In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink. | 2024-04-26 | 6 | CVE-2022-48682 (cve@mitre.org) |
| N/A -- N/A | An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily brute force passwords that are manually typed by the user. | 2024-04-26 | 6.1 | CVE-2024-33669 (cve@mitre.org) |
| N/A -- N/A | Passbolt API before 4.6.2 allows HTML injection in a URL parameter, resulting in custom content being displayed when a user visits the crafted URL. Although the injected content is not executed as JavaScript due to Content Security Policy (CSP) restrictions, it may still impact the appearance and user interaction of the page. | 2024-04-26 | 4.3 | CVE-2024-33670 (cve@mitre.org) |