Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.

CVE-2020-9371: WordPress plugin vulnerability

April 7, 2020 0

Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML. References packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html drive.google.com/open?id=1NNcYPaJir9SleyVr4cSPqpI2LNM7rtx9 wordpress.org/plugins/appointment-booking-calendar/#developers wpvulndb.com/vulnerabilities/10110 Read more

CVE-2020-9335: WordPress plugin vulnerabilty

April 7, 2020 0

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other Read more

CVE-2020-9459: WordPress plugin vulnerability

April 6, 2020 0

Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. Read more

CVE-2020-9466: WordPress plugin vulnerability

April 6, 2020 0

The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection. References wpvulndb.com/vulnerabilities/10094 www.getastra.com/blog/911/plugin-exploit/csv-injection-in-export-users-to-csv-wordpress-plugin/ www.jinsonvarghese.com/csv-injection-in-export-users-to-csv-plugin/

CVE-2020-9458: WordPress plugin vulnerability

April 6, 2020 0

In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users (with minimal privileges) to export submitted form data and settings via class_rm_form_controller.php rm_form_export. References wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/#developers wpvulndb.com/vulnerabilities/10116 www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/

1 53 54 55 56 57 65