There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x ! ...
Continue Reading
June 09, 2023
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disco ...
Continue Reading
June 09, 2023
The Getwid â Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API endpoint in versions up to, and including, 1.8.3. This can allo ...
Continue Reading
June 09, 2023
The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes ...
Continue Reading
June 09, 2023
The Getwid â Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the get_remote_templates function in versions up t ...
Continue Reading
June 09, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalink_setup function in versions u ...
Continue Reading
June 09, 2023
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, wi ...
Continue Reading
June 09, 2023
The Elementor Addons, Widgets and Enhancements â Stax plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.3. This is due to missing or incorrect ...
Continue Reading
June 09, 2023
Back to Main
