Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. References snapcreek.com/duplicator/docs/changelog/?lite www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/
An issue was discovered in the Responsive Poll through 1.3.4 for WordPress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of Read more
The Media Library Assistant plugin before 2.82 for WordPress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript. References wordpress.org/plugins/media-library-assistant/#developers
The Media Library Assistant plugin before 2.82 for WordPress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. References wordpress.org/plugins/media-library-assistant/#developers
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). References openvpn.net/security-advisories/
Cyberwarzone.com