Kategori: Güvenlik Açıkları

CVE-2023-2713

Authorization Bypass Through User-Controlled Key vulnerability in “Rental Module” developed by third-party for Ideasoft’s E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module:…

Devamını oku

CVE-2023-2276

The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including,…

Devamını oku

CVE-2023-2715

The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘submit_ticket’ function in versions up…

Devamını oku

CVE-2023-2716

The Groundhogg plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the ‘ajax_upload_file’…

Devamını oku

CVE-2023-2717

The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation…

Devamını oku

CVE-2023-2735

The Groundhogg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gh_form’ shortcode in versions up to, and including, 2.7.9.8 due to insufficient…

Devamını oku

CVE-2023-2736

The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation…

Devamını oku

CVE-2023-2714

The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘check_license’ functions in versions up…

Devamını oku

CVE-2023-1996

A reflected Cross-site Scripting (XSS) vulnerability in 3DEXPERIENCE R2018x through R2023x allows an attacker to execute arbitrary script code. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku