dimanche 22 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

wp-listings Plugin up to 2.0.1 on WordPress single-listing.php cross site scripting

A vulnerability classified as problematic was found in wp-listings Plugin up to 2.0.1 on WordPress (WordPress Plugin). Affected by this vulnerability is some unknown functionality of the file includes/views/single-listing.php. Upgrading to...
Auteur: VulDB

sola-support-tickets Plugin up to 3.12 on WordPress Access Control /wp-admin cross site scripting

A vulnerability classified as problematic has been found in sola-support-tickets Plugin up to 3.12 on WordPress (WordPress Plugin). Affected is an unknown functionality of the file /wp-admin of the component Access Control. Upgrading to version...
Auteur: VulDB

wp-invoice Plugin up to 4.1.0 on WordPress wpi_update_user_option privilege escalation

A vulnerability was found in wp-invoice Plugin up to 4.1.0 on WordPress (WordPress Plugin). It has been rated as critical. This issue affects an unknown function. Upgrading to version 4.1.1 eliminates this vulnerability.
Auteur: VulDB

wp-invoice Plugin up to 4.1.0 on WordPress Access Control wpi_twocheckout privilege escalation

A vulnerability was found in wp-invoice Plugin up to 4.1.0 on WordPress (WordPress Plugin). It has been declared as critical. This vulnerability affects some unknown processing of the component Access Control. Upgrading to version 4.1.1...
Auteur: VulDB

wp-invoice Plugin up to 4.1.0 on WordPress Access Control wpi_interkassa privilege escalation

A vulnerability was found in wp-invoice Plugin up to 4.1.0 on WordPress (WordPress Plugin). It has been classified as critical. This affects an unknown code block of the component Access Control. Upgrading to version 4.1.1 eliminates this...
Auteur: VulDB

wp-invoice Plugin up to 4.1.0 on WordPress Access Control wpi_paypal payer privilege escalation

A vulnerability was found in wp-invoice Plugin up to 4.1.0 on WordPress (WordPress Plugin) and classified as critical. Affected by this issue is an unknown code of the component Access Control. Upgrading to version 4.1.1 eliminates this...
Auteur: VulDB

wp-invoice Plugin up to 4.1.0 on WordPress Access Control wpi_user_id privilege escalation

A vulnerability has been found in wp-invoice Plugin up to 4.1.0 on WordPress (WordPress Plugin) and classified as critical. Affected by this vulnerability is an unknown part of the component Access Control. Upgrading to version 4.1.1 eliminates...
Auteur: VulDB

wp-invoice Plugin up to 4.1.0 on WordPress Access Control admin_init privilege escalation

A vulnerability, which was classified as critical, was found in wp-invoice Plugin up to 4.1.0 on WordPress (WordPress Plugin). Affected is some unknown functionality of the component Access Control. Upgrading to version 4.1.1 eliminates this...
Auteur: VulDB

instalinker Plugin up to 1.1.1 on WordPress instalinker-admin-preview.php client_id cross site scripting

A vulnerability, which was classified as problematic, has been found in instalinker Plugin up to 1.1.1 on WordPress (WordPress Plugin). This issue affects an unknown functionality of the file includes/instalinker-admin-preview.php?client_id....
Auteur: VulDB

Elegant Themes Monarch Plugin up to 1.2.6 on WordPress privilege escalation

A vulnerability classified as critical was found in Elegant Themes Monarch Plugin up to 1.2.6 on WordPress (WordPress Plugin). This vulnerability affects an unknown function. Upgrading to version 1.2.7 eliminates this vulnerability.
Auteur: VulDB

Elegant Themes Bloom Plugin up to 1.1.0 on WordPress privilege escalation

A vulnerability classified as critical has been found in Elegant Themes Bloom Plugin up to 1.1.0 on WordPress (WordPress Plugin). This affects some unknown processing. Upgrading to version 1.1.1 eliminates this vulnerability.
Auteur: VulDB

Elegant Themes Extra Theme up to 1.2.3 on WordPress privilege escalation

A vulnerability was found in Elegant Themes Extra Theme up to 1.2.3 on WordPress (WordPress Plugin). It has been rated as critical. Affected by this issue is an unknown code block. Upgrading to version 1.2.4 eliminates this vulnerability.
Auteur: VulDB

user-submitted-posts Plugin on WordPress user-submitted-content cross site scripting

A vulnerability was found in user-submitted-posts Plugin on WordPress (WordPress Plugin) (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown code. Upgrading eliminates this vulnerability....
Auteur: VulDB

wp-ultimate-exporter Plugin up to 1.1 on WordPress export_type_name sql injection

A vulnerability was found in wp-ultimate-exporter Plugin up to 1.1 on WordPress (WordPress Plugin). It has been classified as critical. Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

Goodnews Theme up to 2016-02-28 on WordPress cross site scripting

A vulnerability was found in Goodnews Theme up to 2016-02-28 on WordPress and classified as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

ocim-mp3 Plugin up to 2016-03-07 on WordPress pages.php id cross site scripting

A vulnerability has been found in ocim-mp3 Plugin up to 2016-03-07 on WordPress and classified as problematic. This vulnerability affects an unknown functionality of the file wp-content/plugins/ocim-mp3/source/pages.php. There is no information...
Auteur: VulDB

beauty-premium Theme 1.0.8 on WordPress File Upload includes/sendmail.php cross site request forgery

A vulnerability, which was classified as problematic, was found in beauty-premium Theme 1.0.8 on WordPress. This affects an unknown function of the file includes/sendmail.php of the component File Upload. There is no information about possible...
Auteur: VulDB

optinmonster Plugin up to 1.1.4.5 on WordPress Access Control Shortcode privilege escalation

A vulnerability, which was classified as critical, has been found in optinmonster Plugin up to 1.1.4.5 on WordPress. Affected by this issue is some unknown processing of the component Access Control. Upgrading to version 1.1.4.6 eliminates this...
Auteur: VulDB

yawpp Plugin up to 1.2.2 on WordPress field1 cross site scripting

A vulnerability classified as problematic was found in yawpp Plugin up to 1.2.2 on WordPress. Affected by this vulnerability is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

admin-management-xtended Plugin up to 2.4.0.0 on WordPress wp_ajax privilege escalation

A vulnerability classified as critical has been found in admin-management-xtended Plugin up to 2.4.0.0 on WordPress. Affected is the function wp_ajax. Upgrading to version 2.4.0.1 eliminates this vulnerability.
Auteur: VulDB

mtouch-quiz Plugin up to 3.1.2 on WordPress Quiz Name cross site scripting

A vulnerability was found in mtouch-quiz Plugin up to 3.1.2 on WordPress. It has been rated as problematic. This issue affects an unknown part of the component Quiz Name Handler. Upgrading to version 3.1.3 eliminates this vulnerability.
Auteur: VulDB

mtouch-quiz Plugin up to 3.1.2 on WordPress wp-admin/edit.php cross site scripting

A vulnerability was found in mtouch-quiz Plugin up to 3.1.2 on WordPress. It has been declared as problematic. This vulnerability affects some unknown functionality of the file wp-admin/edit.php. Upgrading to version 3.1.3 eliminates this...
Auteur: VulDB

mtouch-quiz Plugin up to 3.1.2 on WordPress options-general.php cross site request forgery

A vulnerability was found in mtouch-quiz Plugin up to 3.1.2 on WordPress. It has been classified as problematic. This affects an unknown functionality of the file wp-admin/options-general.php. Upgrading to version 3.1.3 eliminates this...
Auteur: VulDB

mtouch-quiz Plugin up to 3.1.2 on WordPress Quiz Manage cross site scripting

A vulnerability was found in mtouch-quiz Plugin up to 3.1.2 on WordPress and classified as problematic. Affected by this issue is an unknown function of the component Quiz Manage Handler. Upgrading to version 3.1.3 eliminates this vulnerability.
Auteur: VulDB

quotes-and-tips Plugin up to 1.19 on WordPress cross site scripting

A vulnerability has been found in quotes-and-tips Plugin up to 1.19 on WordPress and classified as problematic. Affected by this vulnerability is some unknown processing. Upgrading to version 1.20 eliminates this vulnerability.
Auteur: VulDB
12345678910Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS