Day: Mayıs 2, 2023

CVE-2023-2000

Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku

CVE-2023-1196

The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users…

Devamını oku

CVE-2023-1861

The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow…

Devamını oku

CVE-2023-1809

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.…

Devamını oku

CVE-2023-1805

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute,…

Devamını oku

CVE-2023-1804

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute,…

Devamını oku

CVE-2023-1730

The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers…

Devamını oku

CVE-2023-1669

The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object…

Devamını oku