Kategori: NIST-Güvenlik Açıkları

CVE-2023-1427

– The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege…

Devamını oku

CVE-2023-1473

The Slider, Gallery, and Carousel by MetaSlider WordPress plugin 3.29.0 does not sanitise and escape a parameter before outputting it back in the page, leading…

Devamını oku

CVE-2022-44726

The TouchDown Timesheet tracking component 4.1.4 for Jira allows XSS in the calendar view. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

Devamını oku

CVE-2023-0367

The Pricing Tables For WPBakery Page Builder (formerly Visual Composer) WordPress plugin before 3.0 does not validate and escape some of its shortcode attributes before…

Devamını oku

CVE-2023-0764

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker…

Devamını oku

CVE-2023-0765

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to an Blind SQL Injection vulnerability. The…

Devamını oku