CVE-2022-1009

The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a ...

Continue Reading

May 30, 2022

CVE-2022-1646

The Simple Real Estate Pack WordPress plugin through 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scriptin ...

Continue Reading

May 30, 2022

CVE-2022-1644

The Call&Book Mobile Bar WordPress plugin through 1.2.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting atta ...

Continue Reading

May 30, 2022

CVE-2022-1928

Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gitea prior to 1.16.9.Read More ...

Continue Reading

May 30, 2022

CVE-2022-1927

Buffer Over-read in GitHub repository vim/vim prior to 8.2.Read More ...

Continue Reading

May 30, 2022

CVE-2022-25878

The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways: ...

Continue Reading

May 30, 2022

CVE-2021-27781

The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.Read More ...

Continue Reading

May 30, 2022

CVE-2021-27780

The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.Read More ...

Continue Reading

May 30, 2022

1 79,215 79,216 79,217 79,218 79,219 79,505

Back to Main
Subscribe for the latest news: