Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. Zafiyet ile ilgili Genel…

The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its “Simple Banner Text” Settings allowing high privilege users to perform Cross-Site Scripting attacks…

The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to…

The Coming Soon – Under Construction WordPress plugin through 1.1.9 does not sanitize and escape some of its settings, which could allow high-privileged users to…

The Rezgo Online Booking WordPress plugin before 4.1.8 does not sanitise and escape some parameters before outputting them back in a page, leading to a…

A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access…

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action (available to both unauthenticated and…