Latest Security News about cve 2020 8426

cPanel before 84.0.20 allows a demo account to achieve remote code execution

Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544). Vulnerability Details : CVE ID : CVE-2020-10119 Skip to end of metadata Created by Documentation, last modified yesterday at 3:08 PM Go to start of metadata 84.0.22 2020-03-16 [security] Fixed case SEC-505: Bandwidth suspensions can be triggered [...]

XSS in WordPress Elementor Plugin 2.8.4

Overview : The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting an authenticated user. Affected Product(s) : WordPress Elementor Plugin 2.8.5 Vulnerability Details : CVE ID : CVE-2020-8426 The plugin seems to be very well implemented but there is always a […]