CVE-2022-1539
The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a…
The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files; bad actors could use that to…
The Name Directory WordPress plugin before 1.25.4 does not have a CSRF check when importing names, and is also lacking sanitisation as well as escaping in…
The Name Directory WordPress plugin before 1.25.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected…
A vulnerability was found in Tecrail Responsive Filemanager up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be…
A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can…
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This…
A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation…
Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping. General information about the vulnerability, impact…
Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user…