CVE-2022-1612

The Webriti SMTP Mail WordPress plugin through 1.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.

CVE-2022-1605

The Email Users WordPress plugin through 4.8.8 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack and cha ...

CVE-2022-1595

The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request.

CVE-2022-1604

The MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.

CVE-2022-30309

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized ex ...

CVE-2022-31398

A cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email nam ...

CVE-2022-2066

Cross-site Scripting (XSS) - Reflected in GitHub repository neorazorx/facturascripts prior to 2022.06.

CVE-2022-2065

Cross-site Scripting (XSS) - Stored in GitHub repository neorazorx/facturascripts prior to 2022.06.
