🚨 CVE-2023-31449
A path traversal vulnerability was identified in the WMI Custom sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the WMI Custom sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).
🎖@cveNotify
🚨 CVE-2023-31448
A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).
🚨 CVE-2022-4782
The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks.
WPScan: ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode
🚨 CVE-2023-4381
Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
🚨 CVE-2023-2272
The Tiempo.com WordPress plugin through 0.1.2 does not sanitise and escape the page parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting that could be used against high-privilege users such as admins.
WPScan: Tiempo.com <= 0.1.2 - Reflected XSS
🚨 CVE-2023-2271
The Tiempo.com WordPress plugin through 0.1.2 does not have a CSRF check when deleting its shortcode, which could allow attackers to make logged-in admins delete arbitrary shortcodes via a CSRF attack.
WPScan: Tiempo.com <= 0.1.2 - Shortcode Deletion via CSRF
🚨 CVE-2023-2254
The Ko-fi Button WordPress plugin before 1.3.3 does not properly sanitise and escape some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup), which we consider a low risk.
WPScan: Ko-fi Button < 1.3.3 - Admin+ Stored XSS
🚨 CVE-2023-2225
The SEO ALert WordPress plugin through 1.59 does not sanitise and escape some of its settings, which could allow high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).
WPScan: SEO ALert <= 1.59 - Admin+ Stored XSS
🚨 CVE-2023-2123
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting vulnerability.
WPScan: WP Inventory Manager < 2.1.0.13 - Reflected Cross-Site Scripting
🚨 CVE-2023-2122
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability that allows an attacker to trick a logged-in admin into executing arbitrary JavaScript by clicking a link.
WPScan: Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting
🚨 CVE-2023-1977
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in its admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the site's internal network.
WPScan: Booking Manager < 2.0.29 - Subscriber+ SSRF
🚨 CVE-2023-1465
The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues that could be used against high-privilege users such as admins.
WPScan: WP EasyPay < 4.1 - Reflected Cross-Site Scripting
🚨 CVE-2023-1110
The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
WPScan: Yellow Yard < 2.8.12 - Contributor+ Stored XSS
🚨 CVE-2023-0579
The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statements, which could allow any authenticated user, such as a subscriber, to perform SQL Injection attacks.
WPScan: YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi
🚨 CVE-2023-0551
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated user, such as a subscriber, to call it and delete arbitrary attachments.
WPScan: REST API TO MiniProgram <= 4.6.8.1 - Subscriber+ Attachment Deletion
🚨 CVE-2023-40348
The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output.
Jenkins Security Advisory 2023-08-16
🚨 CVE-2023-40347
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.
🚨 CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs.
🚨 CVE-2023-40345
Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to.
🚨 CVE-2023-40344
A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate the credential IDs of credentials stored in Jenkins.
🚨 CVE-2023-40343
Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant-time comparison function when validating an authentication token, allowing attackers to use statistical methods to obtain a valid authentication token.