Day: Eylül 26, 2022

CVE-2022-1613

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor’s IP from certain HTTP headers over PHP’s REMOTE_ADDR, which makes it possible to…

Devamını oku

CVE-2021-24890

The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated…

Devamını oku

CVE-2022-21169

The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization. Zafiyet ile ilgili Genel…

Devamını oku