A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output.…

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing…

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection.…

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. Zafiyet ile ilgili Genel…

The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its “Simple Banner Text” Settings allowing high privilege users to perform Cross-Site Scripting attacks…

The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to…

The Coming Soon – Under Construction WordPress plugin through 1.1.9 does not sanitize and escape some of its settings, which could allow high-privileged users to…