High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info abdul_hakeem — build_app_online Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. 2024-04-25 9.8 CVE-2023-51478audit@patchstack.com…
Tag: Bulletins
Vulnerability Summary for the Week of April 15, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 10web — slider_by_10web Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web:…
Vulnerability Summary for the Week of April 8, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info adobe — adobe_commerce Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution…
Vulnerability Summary for the Week of April 1, 2024
Vulnerability Summary for the Week of March 25, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info acowebs — pdf_invoices_and_packing_slips_for_woocommerce Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce:…
Vulnerability Summary for the Week of March 18, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info N/A — N/A Directory Traversal vulnerability in Devan-Kerman ARRP v.0.8.1 and before allows a remote attacker to execute arbitrary code via the dumpDirect in…
Vulnerability Summary for the Week of March 11, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info academylms — academy_lms_-_elearning_and_online_course_solution_for_wordpress The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all…
Vulnerability Summary for the Week of March 4, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info acowebs — pdf_invoices_and_packing_slips_for_woocommerce The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up…
Vulnerability Summary for the Week of February 26, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info progress — openedge In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication…
Vulnerability Summary for the Week of February 19, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info agronholm — cbor2 cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to…