Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Deluge of Nearly 300 Fake Apps Floods Iranian Banking Sector

No Iranian bank customers are safe from financially motivated cybercriminals wielding convincing but fake mobile apps.

DARKReading
Open in Source
#web#android#apple#auth
CVE-2023-45834: WordPress Libsyn Publisher Hub plugin <= 1.4.4 - Sensitive Data Exposure vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4.

CVE-2023-46820: WordPress Image Regenerate & Select Crop plugin <= 7.3.0 - Sensitive Data Exposure via Log File vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Iulia Cazan Image Regenerate & Select Crop.This issue affects Image Regenerate & Select Crop: from n/a through 7.3.0.

CVE-2023-48333: WordPress Booster for WooCommerce plugin <= 7.1.1 - Auth. Arbitrary Order Information Disclosure Vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pluggabl LLC Booster for WooCommerce.This issue affects Booster for WooCommerce: from n/a through 7.1.1.

CVE-2023-40662: WordPress Cookies and Content Security Policy plugin <= 2.15 - Sensitive Data Exposure vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15.

CVE-2023-41735: WordPress Email posts to subscribers plugin <= 6.2 - Sensitive Data Exposure - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email posts to subscribers.This issue affects Email posts to subscribers: from n/a through 6.2.

CVE-2023-44150: WordPress ProfilePress plugin <= 4.13.2 - Sensitive Data Exposure via Debug Log vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.13.2.

CVE-2023-45066: WordPress Export All Posts, Products, Orders, Refunds & Users plugin <= 2.4.1 - Sensitive Data Exposure vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refunds & Users: from n/a through 2.4.1.

CVE-2023-37972: WordPress WooCommerce Product Stock Alert plugin <= 2.0.1 - Sensitive Data Exposure vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1.

CVE-2023-40600: WordPress EWWW Image Optimizer plugin <= 7.2.0 - Sensitive Data Exposure vulnerability - Patchstack

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0.