Kategori: NIST-Güvenlik Açıkları

CVE-2023-1804

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute,…

Devamını oku

CVE-2023-1805

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute,…

Devamını oku

CVE-2023-1809

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.…

Devamını oku

CVE-2023-1861

The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow…

Devamını oku

CVE-2023-0891

The StagTools WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the…

Devamını oku