The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.14 via the REST API. This makes it possible for unauthenticated attac ...
Continue Reading
February 21, 2024
The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized access and modification of data via API due to an inconsistent capabil ...
Continue Reading
February 21, 2024
The version of mozilla-firefox installed on the remote host is prior to 115.8.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-051-01 advisory. When storing ...
Continue Reading
February 21, 2024
Fiber is a web framework written in go. Prior to version 2.52.1, the CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabi ...
Continue Reading
February 21, 2024
Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information ...
Continue Reading
February 21, 2024
This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivant ...
Continue Reading
February 21, 2024
This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivant ...
Continue Reading
February 21, 2024
Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set & ...
Continue Reading
February 21, 2024
Back to Main
