15895
subscribers
15895
subscribers
Can't Join? t.me/cibsecurity
๐ The best daily news about cyber security and privacy.
๐ Daily publications.
๐ป Is your life on the internet safe?
๐ฉ lalilolalo.dev@gmail.com
cibsecurity
October 6, 2023, 14:29
โผ CVE-2023-27615 โผ
Cross-Site Request Forgery (CSRF) vulnerability in Dipak C. Gajjar WP Super Minify plugin <=รย 1.5.1 versions.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-25480 โผ
Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid รขโฌโ Visual Drag and Drop Editor plugin <=รย 1.24.1 versions.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-44766 โผ
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-44770 โผ
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-25033 โผ
Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <=รย 4.5 versions.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-44761 โผ
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-40671 โผ
Cross-Site Request Forgery (CSRF) vulnerability in ??wp DX-auto-save-images plugin <=รย 1.4.0 versions.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-36465 โผ
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The `templates` module doesn't enforce the correct permissions, allowing any logged-in user to access to this functionality in the administration panel. An attacker could use this vulnerability to change, create or delete templates of surveys. This issue has been patched in version 0.26.8 and 0.27.4.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-44762 โผ
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.
๐ Read
via "National Vulnerability Database".
cibsecurity
October 6, 2023, 14:26
โผ CVE-2023-44764 โผ
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings.
๐ Read
via "National Vulnerability Database".