2024. júl. 27.
Riasztás
NA - CVE-2024-42029 - xdg-desktop-portal-hyprland (aka an XDG Desktop...
xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are not used when sending a list of app IDs and...
Tovább
2024. júl. 27.
Riasztás
Medium - CVE-2024-6661 - The ParityPress – Parity Pricing with Discount...
The ParityPress – Parity Pricing with Discount Rules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Discount Text' in all versions up to, and including, 1.0.0 due...
Tovább
2024. júl. 27.
Riasztás
NA - CVE-2024-6634 - The Master Currency WP plugin for WordPress is...
The Master Currency WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's currencyconverterform shortcode in all versions up to, and including, 1.1.61 due to...
Tovább
2024. júl. 27.
Riasztás
Medium - CVE-2024-6591 - The Ultimate WordPress Auction Plugin plugin...
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email creation and sending due to a missing capability check on the 'send_auction_email_callback'...
Tovább
2024. júl. 27.
Riasztás
Medium - CVE-2024-6573 - The Intelligence plugin for WordPress is...
The Intelligence plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.0. This is due the plugin not preventing direct access to the...
Tovább
2024. júl. 27.
Riasztás
Medium - CVE-2024-6566 - The Aramex Shipping WooCommerce plugin for...
The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.1.21. This is due the plugin not preventing direct access to the...
Tovább