Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-44764: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Site_Installation: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SI

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings.

CVE
Open in Source
#xss#vulnerability#web#git#java#auth
CVE-2023-25480: WordPress Post and Page Builder by BoldGrid plugin <= 1.24.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions.

CVE-2023-40008: WordPress Simple Org Chart plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions.

CVE-2023-27448: WordPress MakeStories (for Google Web Stories) plugin <= 2.8.0 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <= 2.8.0 versions.

CVE-2022-47175: WordPress Royal Elementor Addons plugin <= 1.3.75 - Multiple Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Elementor Addons and Templates plugin <= 1.3.75 versions.

CVE-2023-27615: WordPress WP Super Minify plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Dipak C. Gajjar WP Super Minify plugin <= 1.5.1 versions.