Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-4034

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated…

Devamını oku

CVE-2022-4035

The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including,…

Devamını oku

CVE-2022-3384

The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the populate_dropdown_options function that accepts…

Devamını oku

CVE-2022-3747

The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. This is due to missing nonce validation…

Devamını oku

CVE-2022-3751

SQL Injection in GitHub repository owncast/owncast prior to 0.0.13. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Devamını oku

CVE-2022-3896

The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER[“REQUEST_URI”] in versions up to, and including, 6.3.9 due to insufficient…

Devamını oku

CVE-2022-3897

The WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 6.3.9 due to…

Devamını oku

CVE-2022-3991

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update() function in versions up to,…

Devamını oku