The 404s WordPress plugin before 3.5.1 does not sanitise and escape its fields, allowing high privilege users such as admin to perform cross-Site Scripting attacks…

The OAuth Single Sign On WordPress plugin before 6.22.6 doesn’t validate that OAuth access token requests are legitimate, which allows attackers to log onto the…

The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow…

The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking…

This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Zafiyet…

A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler.…

WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The…

A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The…

A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the…