The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all v ...
Continue Reading
September 12, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all v ...
Continue Reading
September 12, 2024
A vulnerability in the Python PyJWT implementation of JWT is related to the lack of locking of some public key formats. key formats. Exploitation of the vulnerability allows an attacker acting remotel ...
Continue Reading
September 11, 2024
Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the a ...
Continue Reading
September 03, 2024
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0269-1 advisory. trivy was updated to fix the following issues: ...
Continue Reading
August 31, 2024
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0268-1 advisory. trivy was updated to fix the following issues: ...
Continue Reading
August 31, 2024
This module exploits an improper access control vulnerability (CVE-2023-6329) in Control iD iDSecure <= v4.7.43.0. It allows an unauthenticated remote attacker to compute valid credentials and ...
Continue Reading
August 27, 2024
Back to Main
