CVE-2020-27615: WordPress plugin vulnerability

October 22, 2020 0

The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip. How to mitigate CVE-2020-27615 Time needed: 5 minutes. Follow the instructions, as they will assist you in mitigating Read more

Share this info:

CVE-2020-27344: WordPress plugin vulnerability

October 22, 2020 0

The cm-download-manager plugin before 2.8.0 for WordPress allows XSS. How to mitigate CVE-2020-27344 Time needed: 5 minutes. Follow the instructions, as they will assist you in mitigating the WordPress vulnerability that been reported in CVE-2020-27344. Install Read more

Share this info:

CVE-2020-15244: Magento vulnerability

October 22, 2020 0

In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product. The Read more

Share this info:

CVE-2020-9767: Zoom vulnerability

October 19, 2020 0

A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate Read more

Share this info:

CVE-2020-6841: Spotify vulnerability

October 19, 2020 0

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter. How to mitigate CVE-2020-6841 Time needed: 5 minutes. Follow the instructions, as they will Read more

Share this info:
1 2 3 41