CVE-2023-41740

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read speci ...

Continue Reading
CVE-2023-4000

The Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2. This is due to missing or incorrect nonce validation on its ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-3999

The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX calls in versions up to, and including, 0.6.2. This makes it p ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-3764

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.90. This is due to missing or incorrect nonce validation on t ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-4500

The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization a ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-4161

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the SaveCustomField function in versions up to, and including, 1.2.90. Thi ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-2352

The CHP Ads Block Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.9.4. This is due to missing or incorrect nonce validation on the chp_abd ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-3636

The WP Project Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.6.4 due to insufficient restriction on the 'save_users_map_name' function. This ma ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

Back to Main

Subscribe for the latest news: