CVE-2023-2301

The Contact Form Builder by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.9.1. This is due to missing nonce validation on the ls_parse_vcit ...

Continue Reading

June 03, 2023

CVE-2023-2415

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_logout_callba ...

Continue Reading

June 03, 2023

CVE-2023-2406

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored ...

Continue Reading

June 03, 2023

CVE-2023-3083

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.Read More ...

Continue Reading

June 03, 2023

CVE-2023-3051

The Page Builder by AZEXO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'azh_post' shortcode in versions up to, and including, 1.27.133 due to insufficient input sanitization a ...

Continue Reading

June 03, 2023

CVE-2023-2781

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0. This is due to a random ...

Continue Reading

June 03, 2023

CVE-2023-3053

The Page Builder by AZEXO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'azh_add_post' function in versions up to, and including, 1.2 ...

Continue Reading

June 03, 2023

CVE-2023-3052

The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to missing or incorrect nonce validation on the 'azh_ ...

Continue Reading

June 03, 2023

1 705 706 707 708 709 3,551

Back to Main
Subscribe for the latest news: