The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin,…

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin,…

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check…

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ‘update_vk_blocks_options’ function in versions up to, and including, 1.57.0.5. This allows…

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ‘update_options’ function in versions up to, and including, 1.57.0.5. This allows…

Consul and Consul Enterprise’s cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could…

The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe’s unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects…

Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This…

A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or…