The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages. How to mitigate CVE-2021-3133: Time needed: 5 minutes. Follow the instructions, as they will assist you in mitigating the WordPress …
Common Vulnerabilities and Exposures (CVE) is a list of entries, each containing an identification number, a description, and at least one public reference, for publicly known cybersecurity vulnerabilities. CVE Entries are used in various cybersecurity products and services around the world.
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the …
Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security’s …
Dynamoose is an open-source modeling tool for Amazon’s DynamoDB. In Dynamoose from version 2.0.0 and before version 2.7.0 there was a prototype pollution vulnerability in the internal utility method “lib/utils/object/set.ts”. This method is used throughout …
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized access to restricted resources. Access to the admin …