CVE-2023-4243
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows au ...
Continue Reading
August 09, 2023
CVE-2023-4242
The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authentic ...
Continue Reading
August 09, 2023
CVE-2023-4243
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows au ...
Continue Reading
August 09, 2023
CVE-2023-4242
The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authentic ...
Continue Reading
August 09, 2023
Medium: tomcat
**Issue Overview:** The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. ...
Continue Reading
August 09, 2023
Information Disclosure
gitlab is vulnerable to Information Disclosure. The vulnerability may allow an authenticated user to unmask the Discord Webhook URL through viewing the raw API response.Read More ...
Continue Reading
August 09, 2023
Information Disclosure
gitlab is vulnerable to Information Disclosure. Non-project members are able to retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the p ...
Continue Reading
August 09, 2023
Insufficient Policy Enforcement
chromium is vulnerable to Insufficient Policy Enforcement. Insufficient policy enforcement in File System API allows a remote attacker to bypass filesystem restrictions via a crafted HTML page.Read Mo ...
Continue Reading
August 09, 2023
