CVE-2021-24372

The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER[‘REQUEST_URI’] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue. (CVSS:0.0) (Last Update:2021-06-21)

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations

CVE-2023-29632 : JMSPAGEBUILDER 3.X ON PRESTASHOP AJAX_JMSPAGEBUILDER.PHP SQL INJECTION

CVE-2023-29632 : JMSPAGEBUILDER 3.X ON PRESTASHOP AJAX_JMSPAGEBUILDER.PHP SQL INJECTION

Description PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php. References https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmspagebuilder.html For More Information MITRE