CVE ID : CVE-2024-13387 Published : Jan. 16, 2025, 10:15 a.m. | 32 minutes ago Description : The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wprtabs’ shortcode in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This […]
CVE ID : CVE-2024-13355 Published : Jan. 16, 2025, 10:15 a.m. | 32 minutes ago Description : The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to limited file uploads due to insufficient file type validation in the upload_file() function in all versions up to, and including, 13.2. This makes […]
CVE ID : CVE-2024-12615 Published : Jan. 16, 2025, 10:15 a.m. | 32 minutes ago Description : The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to insufficient escaping on the user supplied parameter and lack of […]
CVE ID : CVE-2024-12614 Published : Jan. 16, 2025, 10:15 a.m. | 32 minutes ago Description : The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘pms_save_setting’ and ‘post_new_pass’ AJAX actions in all versions up to, and including, 1.4.8. This makes it possible for […]
CVE ID : CVE-2024-12613 Published : Jan. 16, 2025, 10:15 a.m. | 32 minutes ago Description : The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to insufficient escaping on the user supplied parameter and lack of […]
CVE ID : CVE-2024-12427 Published : Jan. 16, 2025, 10:15 a.m. | 32 minutes ago Description : The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to a missing capability check on the fw_upload_file AJAX action in all versions up to, and including, 1.7.23. This makes it possible for unauthenticated […]
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed … Read more Published Date: Jan 16, 2025 (46 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-21335 CVE-2025-21334 […]
A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiAnalyzer Cloud versions 7.4.1 through 7.4.2, 7.2.1 through 7.2.6, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7 allows attacker to escalate privilege via […]
A improper limitation of a pathname to a restricted directory (‘path traversal’) in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially […]
Configuraties en vpn-wachtwoorden 15.000 Fortinet-firewalls online gezet Op internet zijn de configuratiegegevens en vpn-wachtwoorden van 15.000 Fortinet FortiGate-firewalls gepubliceerd, zo stelt de Britse beveiligingsonderzoeker Kevin Beaumont. Het gaat om ip-adressen va … Read more Published Date: Jan 16, 2025 (1 hour, 26 minutes ago) Vulnerabilities has been mentioned in this article.
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
