Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Related Posts Plugin up to 3.6.4 on WordPress Settings Page title cross site scripting

A vulnerability was found in Related Posts Plugin up to 3.6.4 on WordPress (WordPress Plugin). It has been rated as problematic. This issue affects an unknown code block of the component Settings Page. There is no information about possible...
Auteur: VulDB

PhastPress Plugin prior 1.111 on WordPress redirect [CVE-2021-24210]

A vulnerability was found in PhastPress Plugin on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects an unknown code. Upgrading to version 1.111 eliminates this vulnerability. Applying a patch is able to...
Auteur: VulDB

WP Super Cache Plugin up to 1.7.1 on WordPress Cache Settings wp-cache-config.php cache_path code injection

A vulnerability was found in WP Super Cache Plugin up to 1.7.1 on WordPress (WordPress Plugin). It has been classified as critical. This affects an unknown part of the file wp-cache-config.php of the component Cache Settings. Upgrading to version...
Auteur: VulDB

WP Page Builder Plugin up to 1.2.3 on WordPress Raw HTML Widget/Custom HTML Widget cross site scripting

A vulnerability was found in WP Page Builder Plugin up to 1.2.3 on WordPress (WordPress Plugin) and classified as problematic. Affected by this issue is some unknown functionality of the component Raw HTML Widget/Custom HTML Widget. Upgrading to...
Auteur: VulDB

WP Page Builder Plugin up to 1.2.3 on WordPress Subscriber access control

A vulnerability has been found in WP Page Builder Plugin up to 1.2.3 on WordPress (WordPress Plugin) and classified as critical. Affected by this vulnerability is an unknown functionality of the component Subscriber Handler. Upgrading to version...
Auteur: VulDB

Elementor Website Builder Plugin up to 3.1.3 on WordPress image-box.php title_size cross site scripting

A vulnerability, which was classified as problematic, was found in Elementor Website Builder Plugin up to 3.1.3 on WordPress (WordPress Plugin). Affected is an unknown function of the file includes/widgets/image-box.php. Upgrading to version...
Auteur: VulDB

Elementor Website Builder Plugin up to 3.1.3 on WordPress icon-box.php title_size cross site scripting

A vulnerability, which was classified as problematic, has been found in Elementor Website Builder Plugin up to 3.1.3 on WordPress (WordPress Plugin). This issue affects some unknown processing of the file includes/widgets/icon-box.php. Upgrading...
Auteur: VulDB

Elementor Website Builder Plugin up to 3.1.3 on WordPress Saved Pages accordion.php title_html_tag cross site scripting

A vulnerability classified as problematic was found in Elementor Website Builder Plugin up to 3.1.3 on WordPress (WordPress Plugin). This vulnerability affects an unknown code block of the file includes/widgets/accordion.php of the component...
Auteur: VulDB

Elementor Website Builder Plugin up to 3.1.3 on WordPress Saved Pages divider.php html_tag cross site scripting

A vulnerability classified as problematic has been found in Elementor Website Builder Plugin up to 3.1.3 on WordPress (WordPress Plugin). This affects an unknown code of the file includes/widgets/divider.php of the component Saved Pages Handler....
Auteur: VulDB

Elementor Website Builder Plugin up to 3.1.3 on WordPress Saved Pages heading.php header_size cross site scripting

A vulnerability was found in Elementor Website Builder Plugin up to 3.1.3 on WordPress (WordPress Plugin). It has been rated as problematic. Affected by this issue is an unknown part of the file includes/widgets/heading.php of the component Saved...
Auteur: VulDB

Elementor Website Builder Plugin up to 3.1.3 on WordPress column.php html_tag cross site scripting

A vulnerability was found in Elementor Website Builder Plugin up to 3.1.3 on WordPress (WordPress Plugin). It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the file includes/elements/column.php....
Auteur: VulDB

Social Slider Widget Plugin up to 1.8.4 on WordPress Settings Page token_error cross site scripting

A vulnerability was found in Social Slider Widget Plugin up to 1.8.4 on WordPress (WordPress Plugin). It has been classified as problematic. Affected is an unknown functionality of the component Settings Page. Upgrading to version 1.8.5...
Auteur: VulDB

SEO Redirection Plugin up to 6.3 on WordPress 301 Redirect cross site scripting

A vulnerability was found in SEO Redirection Plugin up to 6.3 on WordPress (WordPress Plugin) and classified as problematic. This issue affects an unknown function of the component 301 Redirect Handler. There is no information about possible...
Auteur: VulDB

Tutor LMS Plugin up to 1.8.2 on WordPress tutor_answering_quiz_question/get_answer_by_id sql injection

A vulnerability has been found in Tutor LMS Plugin up to 1.8.2 on WordPress (WordPress Plugin) and classified as critical. This vulnerability affects the function tutor_answering_quiz_question/get_answer_by_id. Upgrading to version 1.8.3...
Auteur: VulDB

Tutor LMS up to 1.7.6 on WordPress AJAX tutor_place_rating sql injection

A vulnerability, which was classified as critical, was found in Tutor LMS up to 1.7.6 on WordPress (WordPress Plugin). This affects the function tutor_place_rating of the component AJAX Handler. Upgrading to version 1.7.7 eliminates this...
Auteur: VulDB

Tutor LMS up to 1.7.6 on WordPress AJAX Endpoint privileges management

A vulnerability, which was classified as critical, has been found in Tutor LMS up to 1.7.6 on WordPress (WordPress Plugin). Affected by this issue is an unknown code of the component AJAX Endpoint. Upgrading to version 1.7.7 eliminates this...
Auteur: VulDB

Tutor LMS Plugin up to 1.8.2 on WordPress AJAX tutor_quiz_builder_get_question_form sql injection

A vulnerability classified as critical was found in Tutor LMS Plugin up to 1.8.2 on WordPress (WordPress Plugin). Affected by this vulnerability is the function tutor_quiz_builder_get_question_form of the component AJAX Handler. Upgrading to...
Auteur: VulDB

Tutor LMS Plugin up to 1.8.2 on WordPress AJAX tutor_quiz_builder_get_answers_by_question sql injection

A vulnerability classified as critical has been found in Tutor LMS Plugin up to 1.8.2 on WordPress (WordPress Plugin). Affected is the function tutor_quiz_builder_get_answers_by_question of the component AJAX Handler. Upgrading to version 1.8.3...
Auteur: VulDB

Tutor LMS up to 1.7.6 on WordPress tutor_mark_answer_as_correct sql injection

A vulnerability was found in Tutor LMS up to 1.7.6 on WordPress (WordPress Plugin). It has been rated as critical. This issue affects the function tutor_mark_answer_as_correct. Upgrading to version 1.7.7 eliminates this vulnerability.
Auteur: VulDB

Related Posts Plugin up to 2.0.3 on WordPress GET Parameter lang cross site scripting

A vulnerability was found in Related Posts Plugin up to 2.0.3 on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects an unknown function of the component GET Parameter Handler. Upgrading to version 2.0.4...
Auteur: VulDB

File Manager Plugin up to 7.0 on WordPress admin.php User-Agent cross site scripting

A vulnerability was found in File Manager Plugin up to 7.0 on WordPress (WordPress Plugin). It has been classified as problematic. This affects some unknown processing of the file /wp-admin/admin.php?page=wp_file_manager_properties. Upgrading to...
Auteur: VulDB

JH 404 Logger Plugin up to 1.1 on WordPress Path cross site scripting

A vulnerability was found in JH 404 Logger Plugin up to 1.1 on WordPress (Log Management Software) and classified as problematic. Affected by this issue is an unknown code block of the component Path Handler. There is no information about...
Auteur: VulDB

Plus Addons for Elementor Page Builder Plugin up to 4.1.6 on WordPress improper authentication

A vulnerability has been found in Plus Addons for Elementor Page Builder Plugin up to 4.1.6 on WordPress (WordPress Plugin) and classified as critical. Affected by this vulnerability is an unknown code of the component Plus Addons Handler....
Auteur: VulDB

Database Backups Plugin on WordPress cross-site request forgery

A vulnerability, which was classified as problematic, was found in Database Backups Plugin on WordPress (WordPress Plugin) (version unknown). Affected is an unknown part. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

VM Backups Plugin up to 1.0 on WordPress cross-site request forgery

A vulnerability, which was classified as problematic, has been found in VM Backups Plugin up to 1.0 on WordPress (WordPress Plugin). This issue affects some unknown functionality. There is no information about possible countermeasures known. It...
Auteur: VulDB
First6789101112131415Last

Événements SSI