Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.

CVE-2020-11738: WordPress plugin vulnerability

April 14, 2020 0

The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. References snapcreek.com/duplicator/docs/changelog/?lite www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/

CVE-2020-11673: WordPress vulnerability

April 13, 2020 0

An issue was discovered in the Responsive Poll through 1.3.4 for WordPress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of Read more

CVE-2020-11731: WordPress plugin vulnerability

April 13, 2020 0

The Media Library Assistant plugin before 2.82 for WordPress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript. References wordpress.org/plugins/media-library-assistant/#developers

CVE-2020-11732: WordPress plugin vulnerability

April 13, 2020 0

The Media Library Assistant plugin before 2.82 for WordPress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. References wordpress.org/plugins/media-library-assistant/#developers

CVE-2020-8953: OpenVPN vulnerability

April 8, 2020 0

OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). References openvpn.net/security-advisories/

1 54 55 56 57 58 71