Tagged: Cybersecurity Alert

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when...

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when...

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when...

A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate leads...

A vulnerability classified as critical has been found in PHPGurukul Online Birth Certificate System 1.0. Affected is an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection....

The List Children plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘list_children’ shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on...

A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument host leads to buffer overflow. The attack can be...

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the ‘pto_remove_logo’ function...

The NewsBlogger theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the newsblogger_install_and_activate_plugin() function in all versions up to, and including, 0.2.5.1. This makes it possible for...

The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2.5.4. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. This makes...

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and...

A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this issue is the function sub_503FC. The manipulation of the argument host leads to buffer overflow. The attack may be...

A vulnerability was found in Netgear EX6200 1.0.3.94. It has been classified as critical. This affects the function sub_54014. The manipulation of the argument host leads to buffer overflow. It is possible to initiate...

The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the yellow_message_dontshow() function in versions...