The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized access and modification of data via API due to an inconsistent capabil ...
Continue Reading
29 февраля, 2024
The Coming Soon Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the REST API. This makes it possible for unauthent ...
Continue Reading
29 февраля, 2024
The WP Maintenance plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.1.6 via the REST API. This makes it possible for unauthenticated attackers to bypa ...
Continue Reading
29 февраля, 2024
Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label (Edit Team) - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload (ext ...
Continue Reading
29 февраля, 2024
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
29 февраля, 2024
A user who is privileged already manager or admin can set their profile picture via the frontend API using a relative filepath to then user the PFP GET API to download any valid files. The attacker wo ...
Continue Reading
28 февраля, 2024
A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: befor ...
Continue Reading
28 февраля, 2024
Summary IBM Maximo Application Predict Component uses WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache Santuario which is vulnerable to CVE-2023-44483 This bu ...
Continue Reading
28 февраля, 2024
Back to Main
