The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to missing authorization checks on the REST API calls in all version ...
June 12, 2024
The Newsletter - API v1 and v2 addon plugin for WordPress is vulnerable to unauthorized subscriber management due to a PHP type juggling issue in the check_api_key function in all versions up to, and i ...
June 12, 2024
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python...
June 12, 2024
Users with low privileges (just plain users in the realm) are able to utilize administrative functionalities within Keycloak admin interface. This issue presents a significant security risk as it allo ...
June 12, 2024
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python...
June 11, 2024
litellm is vulnerable to SQL Injection. The vulnerability is due to improper handling of the 'user_id' parameter in the raw SQL query used for deleting users. This allows an attacker to inje ...
June 11, 2024