Weekly Vulnerabilities Reports > October 14 to 20, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows Cross Site Request Forgery.This issue affects Table of Contents Plus: from n/a through 2408.

Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15.

Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7.

Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69.

Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0.

Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9.

Subscriber Broken Access Control in Photo Gallery Builder <= 3.0 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4.

Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows SQL Injection.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.7.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through 0.2.2.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infotuts SW Contact Form allows Blind SQL Injection.This issue affects SW Contact Form: from n/a through 1.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection.This issue affects Simple Code Insert Shortcode: from n/a through 1.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dan Alexander SermonAudio Widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through 1.9.3.

Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a through 1.0.

Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through 1.1.1.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acespritech Solutions Pvt.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Naudin Vladimir FERMA.Ru.Net allows Blind SQL Injection.This issue affects FERMA.Ru.Net: from n/a through 1.3.3.

Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through 4.2.38.

: Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through 1.0.

Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through 1.0.0.

Cross-Site Request Forgery (CSRF) vulnerability in Apa Apa Banner Slider allows SQL Injection.This issue affects Apa Banner Slider: from n/a through 1.0.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hasan Movahed Duplicate Title Validate allows Blind SQL Injection.This issue affects Duplicate Title Validate: from n/a through 1.0.

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028.

A vulnerability classified as critical was found in code-projects Hospital Management System 1.0.

A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0.

A vulnerability, which was classified as critical, has been found in PHPGurukul Boat Booking System 1.0.

A vulnerability classified as problematic has been found in PHPGurukul Boat Booking System 1.0.

A vulnerability was found in ESAFENET CDG 5.

A vulnerability was found in ESAFENET CDG 5 and classified as critical.

A vulnerability has been found in ESAFENET CDG 5 and classified as critical.

The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability.

A vulnerability classified as critical was found in Tenda AC8 16.03.34.06.

A vulnerability was found in Tenda AC8 16.03.34.06.

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0.

There is a SQL injection vulnerability in some HikCentral Professional versions.

The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax_import_content' function.

The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input.

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Incorrect Privilege Assignment vulnerability in themexpo RS-Members allows Privilege Escalation.This issue affects RS-Members: from n/a through 1.0.3.

A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5.

A vulnerability classified as critical was found in ESAFENET CDG 5.

A vulnerability was found in ESAFENET CDG 5.

A vulnerability classified as critical has been found in ESAFENET CDG 5.

Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability.

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user.

An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware.

A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0.

A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0.

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvivid_upload_import_files and wpvivid_upload_files AJAX actions that allows low-level authenticated attackers to upload zip files that can be subsequently extracted.

Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF requests due to missing validation of the origin of the requests.

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user.

The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in versions up to, and including, 2.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9.

The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and uploads due to missing file type validation via the 'mk_file_folder_manager_shortcode' ajax action in all versions up to, and including, 8.3.9.

IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page.

Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension.

Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page.

Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page.

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server).

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher).

A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0.

The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents.

The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server.

The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability.

The specific query functionality in the FlowMaster BPM Plus from NewType does not properly restrict user input, allowing remote attackers with regular privileges to inject SQL commands to read, modify, or delete database contents.

WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with regular privilege to inject SQL commands to read, modify, and delete data stored in database.

The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration.

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint.

Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector.

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function.

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or change the firmware on an affected device. This vulnerability is due to a lack of authentication on specific HTTP endpoints.

A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1.

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability.

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.6.0.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create_mollie_account function in versions up to, and including, 4.3.7.

A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers.

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query).

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Manager Specification).

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item Catalog).

Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site Hierarchy Flows).

Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price List).

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning).

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics).

Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: Compensation Plan).

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks).

Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field Service Engineer Portal).

Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface).

Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Messages).

Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration).

Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite (component: Award Processes).

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions).

Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authoring).

Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Components).

Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Global Payroll for Core).

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive.

Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.

A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83.

Local privilege escalation due to insecure folder permissions.

A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability.

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow.

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability.

Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page.

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction.

OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file.

Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Middleware (component: FMW Control Plugin).

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates).

A vulnerability has been found in didi DDMQ 1.0 and classified as critical.

Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch.

The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable.

MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials.

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter.

The Download Monitor plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST-API routes related to reporting in versions up to, and including, 4.7.51.

IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request.

An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component.

Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning).

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality).

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python).

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console).

Cleartext transmission of sensitive information in acep-collector service.

Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability.

The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0.

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html  and send a specially crafted CIP message to the device.

Next.js is a React Framework for the Web.

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.

The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates.

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates.

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates.

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm.

Local privilege escalation due to DLL hijacking vulnerability.

Local privilege escalation due to DLL hijacking vulnerability.

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical.

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical.

A vulnerability classified as critical was found in PHPGurukul Boat Booking System 1.0.

A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to execute arbitrary commands as the root user on the underlying operating system. This vulnerability is due to a lack of input sanitization in the web-based management interface.

The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3.

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET requests.

The logout operation in the CloudStack web interface does not expire the user session completely which is valid until expiry by time or restart of the backend service.

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports).

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports).

A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site.

A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections.

Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter.

Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.

Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.

A vulnerability classified as critical has been found in HFO4 shudong-share up to 2.4.7.

Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability.

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device.

A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the create_mollie_profile function in versions up to, and including, 4.3.7.

Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin).

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC).

A vulnerability was found in Podman, Buildah, and CRI-O.

In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app.

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd).

Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability.

The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is disabled by default.

: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14.

Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2.

Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2.

Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sourav All in One Slider allows Reflected XSS.This issue affects All in One Slider: from n/a through 1.1.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider allows Reflected XSS.This issue affects jLayer Parallax Slider: from n/a through 1.0.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dotsquares Google Map Locations allows Reflected XSS.This issue affects Google Map Locations: from n/a through 1.0.

A vulnerability was found in PHPGurukul Boat Booking System 1.0.

The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.19.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mahesh Patel Mitm Bug Tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through 1.0.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Harpreet Singh Ajax Custom CSS/JS allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through 2.0.4.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in M.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nikhil Vaghela Add Categories Post Footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through 2.2.2.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5.

There is an XSS vulnerability in some HikCentral Master Lite versions.

The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.13.

The Edit WooCommerce Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping.

The GetResponse Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.5.6.

The Social Share With Floating Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.3.

The DPD Baltic Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_value' parameter in all versions up to, and including, 1.2.83 due to insufficient input sanitization and output escaping.

The Gantry 4 Framework plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'override_id' parameter in all versions up to, and including, 4.1.21 due to insufficient input sanitization and output escaping.

The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and output escaping.

A stored cross-site scripting (XSS) vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier.

Cross-Site Request Forgery (CSRF) vulnerability in Cookie Scanner – Nikel Schubert Cookie Scanner allows Stored XSS.This issue affects Cookie Scanner: from n/a through 1.1.

Cross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // cs&m cSlider allows Stored XSS.This issue affects cSlider: from n/a through 2.4.2.

Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.K.A CyberJack CJ Change Howdy allows Stored XSS.This issue affects CJ Change Howdy: from n/a through 3.3.1.

Cross-Site Request Forgery (CSRF) vulnerability in Arif Nezami Better Author Bio allows Cross-Site Scripting (XSS).This issue affects Better Author Bio: from n/a through 2.7.10.11.

Cross-Site Request Forgery (CSRF) vulnerability in Ahmet Imamoglu Ahmeti Wp Timeline allows Stored XSS.This issue affects Ahmeti Wp Timeline: from n/a through 5.1.

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests

A vulnerability was found in aap-gateway.

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient validation of user input.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in sunburntkamel disconnected allows Reflected XSS.This issue affects disconnected: from n/a through 1.3.0.

The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping.

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.

The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateor_sss_sharing_count' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping.

The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.6.5.

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology).

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2.

Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization.

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the resource parameter in all versions up to, and including, 5.2.6 due to insufficient input sanitization and output escaping when logging visitor requests.

eLabFTW is an open source electronic lab notebook for research labs.

A vulnerability in the CLI&nbsp;of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized.

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

Sensitive information disclosure due to spell-jacking.

Tuleap is a tool for end to end traceability of application and system developments.

This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.

Substance3D - Sampler versions 4.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition.

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML content from an affected device.

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann points out, PFN mappings are special, because unlike normal memory mappings, there is no lifetime information associated with the mapping - it is just a raw mapping of PFNs with no reference counting of a 'struct page'. That's all very much intentional, but it does mean that it's easy to mess up the cleanup in case of errors.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder allows Stored XSS.This issue affects Mighty Builder: from n/a through 1.0.2.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HT Plugins WP Education allows Stored XSS.This issue affects WP Education: from n/a through 1.2.8.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Md Abdul Kader Easy Addons for Elementor allows Stored XSS.This issue affects Easy Addons for Elementor: from n/a through 1.3.0.

A vulnerability has been found in PHPGurukul IFSC Code Finder Project 1.0 and classified as problematic.

A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic.

The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-twitch-embed shortcode in all versions up to, and including, 1.8.6 due to insufficient input sanitization and output escaping on user supplied attributes.

The Debrandify · Remove or Replace WordPress Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping.

The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rfw-youtube-videos shortcode in all versions up to, and including, 2.9.9 due to insufficient input sanitization and output escaping on user supplied attributes.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Swebdeveloper wpPricing Builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through 1.5.0.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrossedCode bVerse Convert allows Stored XSS.This issue affects bVerse Convert: from n/a through 1.3.7.1.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Peter CyClop WordPress Video allows Stored XSS.This issue affects WordPress Video: from n/a through 1.0.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Javier Loureiro El mejor Cluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through 1.1.15.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through 1.1.6.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension allows Stored XSS.This issue affects Plexx Elementor Extension: from n/a through 1.3.4.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hafiz Uddin Ahmed Crazy Call To Action Box allows Stored XSS.This issue affects Crazy Call To Action Box: from n/a through 1.0.5.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3.

The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ad_tax_image shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied attributes.

The Click to Chat – WP Support All-in-One Floating Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsaio_snapchat shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes.

The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4.

The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes.

The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input sanitization and output escaping on user supplied attributes.

Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier.

The Flat UI Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's flatbtn shortcode in version 1.0 due to insufficient input sanitization and output escaping on user supplied attributes.

The Suki Sites Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping.

The Easy Menu Manager | WPZest plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping.

The Elemenda plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.0.2 due to insufficient input sanitization and output escaping.

The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping.

The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping.

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Partnerships at Booking.Com Booking.Com Banner Creator allows Stored XSS.This issue affects Booking.Com Banner Creator: from n/a through 1.4.6.

The Google Language Translator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in versions up to, and including, 6.0.9 due to insufficient input sanitization and output escaping.

WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized subscription cancellation due to a missing capability check on the pt_cancel_subscription function in versions up to, and including, 4.3.7.

The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 8.3.9.

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Activity Guide Composer).

Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management product of Oracle PeopleSoft (component: Enterprise Learning Management).

The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's moo_receipt_link shortcode in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping on user supplied attributes.

NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular privileges to insert JavaScript into specific parameters, resulting in a Reflected Cross-site Scripting (XSS) attack.

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user.

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" parameter from the "/manager/search/apps/local" endpoint in Splunk Web calls.

Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter.

X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module.

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive.

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

A vulnerability was found in Quay, which allows successful authentication even when a truncated password version is provided.

In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action.

Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface).

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Infrastructure).

The WPIDE – File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.9.

A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances.

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine .

A vulnerability, which was classified as critical, was found in code-projects Blood Bank System up to 1.0.

The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01.

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS).

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL).

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS).

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).

Vulnerability in Oracle Application Express (component: General).

A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8.

Tuleap is a tool for end to end traceability of application and system developments.

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index.

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users.

The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root directory and access them.

A vulnerability, which was classified as problematic, was found in PHPGurukul Boat Booking System 1.0.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11.

The Add Widget After Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VillaTheme Email Template Customizer for WooCommerce allows Stored XSS.This issue affects Email Template Customizer for WooCommerce: from n/a through 1.2.5.

Stored cross-site scripting (XSS) vulnerability on enrollment invitation page.

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting.

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic.

Tuleap is a tool for end to end traceability of application and system developments.

Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middleware (component: WebLogic Mgmt).

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators.

The EventON PRO - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.8.

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget.

The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2.

The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configuration' function in all versions up to, and including, 2.0.1.

The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and including, 1.4.

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1.

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1.

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch.

The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php.

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_profile_preference function in versions up to, and including, 4.3.7.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized API key update due to a missing capability check on the paytium_sw_save_api_keys function in versions up to, and including, 4.3.7.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the check_for_verified_profiles function in versions up to, and including, 4.3.7.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized notification dismissal due to a missing capability check on the paytium_notice_dismiss function in versions up to, and including, 4.3.7.

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the check_mollie_account_details function in versions up to, and including, 4.3.7.

Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.

Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.

Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.

Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension.

Vulnerability in the Oracle Database Core component of Oracle Database Server.

Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component: Expenses).

Excessive attack surface in archive-server service due to binding to an unrestricted IP address.

Excessive attack surface in acep-importer service due to binding to an unrestricted IP address.

Excessive attack surface in acep-collector service due to binding to an unrestricted IP address.

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 3.23.5 via the get_image_alt function.

Tuleap is a tool for end to end traceability of application and system developments.

In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards.

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).

Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier.

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization).

Vulnerability in the XML Database component of Oracle Database Server.

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs).

Vulnerability in the Java VM component of Oracle Database Server.

Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization).

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools.

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools.

SpiceDB is an open source database for scalably storing and querying fine-grained authorization data.

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry).