Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-1938

The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a header when processing request to generate analytics data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against a logged in admin viewing the plugin’s settings

CVE
#xss#wordpress#auth

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907