Monthly Archive: August 2019

CVE-2019-2390

An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user...

CVE-2019-2389

Incorrect scoping of kill operations in MongoDB Server’s packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the...

CVE-2019-15842

The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. Date published : 2019-08-30 Easy restaurant menu upload

CVE-2019-15841

The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility. Date published : 2019-08-30 Facebook for WooCommerce

CVE-2019-15840

The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF. Date published : 2019-08-30 Facebook for WooCommerce