Riasztások

Cross-Site Scripting (XSS) vulnerability in MainWP MainWP Dashboard v5.3.4 exists in class/class-mainwp-post-handler.php, where unsanitized user input from $_POST['sites'],...

A vulnerability was found in Kentico CMS up to 13.0.178. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /CMSInstall/install.aspx of the...

Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering...

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch...

During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users...

During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Job Colors for WP Job Manager allows Stored XSS.This issue affects Job...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vault Group Pty Ltd VaultRE Contact Form 7 allows Stored XSS.This issue affects...

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance.

The Ultimate Dashboard – Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_module_actions function...