Szolgáltatóknak

The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptm_getFolders AJAX action in all versions up to, and including, 4.1.3. This...

The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the...

The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.5 via...

The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_get_image_by_url'...

A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file...

A vulnerability was found in pihome-shc PiHome 1.77 and classified as critical. Affected by this issue is some unknown functionality of the file /ajax.php?Ajax=GetModal_MQTTEdit. The manipulation...

Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146.

Cross-site scripting vulnerability exists in acmailer CGI ver.4.0.5 and earlier. An arbitrary script may be executed on the web browser of the user who accessed the management page of the affected...

The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not...

The WP Booking Calendar plugin for WordPress is vulnerable to Unauthenticated Post-Confirmation Booking Manipulation in all versions up to, and including, 10.10. This is due to the plugin not...