Vulnerabilities

Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729

June 12, 2023

NAME__________Slideshow, Image Slider by 2J plugin for WordPress security bypassPlatforms Affected:2J Slideshow Team Slideshow Image Slider by 2J plugin for...

/tg/station tgstation-server information disclosure | CVE-2023-34243

June 11, 2023

NAME__________/tg/station tgstation-server information disclosurePlatforms Affected:/tg/station tgstation-server 4.0.0 /tg/station tgstation-server 5.12.4Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________/tg/station tgstation-server could allow a remote attacker to...

Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729

June 11, 2023

NAME__________Slideshow, Image Slider by 2J plugin for WordPress security bypassPlatforms Affected:2J Slideshow Team Slideshow Image Slider by 2J plugin for...

Login/Signup Popup plugin for WordPress cross-site request forgery | CVE-2020-36715

June 11, 2023

NAME__________Login/Signup Popup plugin for WordPress cross-site request forgeryPlatforms Affected:XootiX Login/Signup Popup plugin for WordPress 1.4Risk Level:7.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Login/Signup Popup plugin...

MotoPress Getwid – Gutenberg Blocks plugin for WordPress security bypass | CVE-2023-1910

June 11, 2023

NAME__________MotoPress Getwid - Gutenberg Blocks plugin for WordPress security bypassPlatforms Affected:MotoPress Getwid - Gutenberg Blocks plugin for WordPress 1.8.3Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

Advent/SSC Tamale RMS directory traversal | CVE-2023-33524

June 11, 2023

NAME__________Advent/SSC Tamale RMS directory traversalPlatforms Affected:Advent/SSC Tamale RMS 23.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Advent/SSC Tamale RMS could allow a remote attacker to...

Golang Go privilege escalation | CVE-2023-29403

June 11, 2023

NAME__________Golang Go privilege escalationPlatforms Affected:Golang Go 1.20 Golang Go 1.19.9 Golang Go 1.20.4Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Golang Go could allow a...

Advent/SSC Tamale RMS directory traversal | CVE-2023-33524

June 10, 2023

Gradio security bypass | CVE-2023-34239

June 10, 2023

NAME__________Gradio security bypassPlatforms Affected:Gradio Gradio 3.33.1Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Gradio could allow a remote attacker to bypass security restrictions, caused by...

Kali Forms plugin for WordPress security bypass | CVE-2020-36720

June 10, 2023

NAME__________Kali Forms plugin for WordPress security bypassPlatforms Affected:Kali Forms Kali Forms plugin for WordPress 2.1.1Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Kali Forms plugin...

OpenZeppelin Contracts denial of service | CVE-2023-34234

June 10, 2023

NAME__________OpenZeppelin Contracts denial of servicePlatforms Affected:OpenZeppelin OpenZeppelin Contracts 4.9.0Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenZeppelin Contracts is vulnerable to a denial of...

Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729

June 10, 2023

NAME__________Slideshow, Image Slider by 2J plugin for WordPress security bypassPlatforms Affected:2J Slideshow Team Slideshow Image Slider by 2J plugin for...

Activello plugin for WordPress security bypass | CVE-2020-36721

June 10, 2023

NAME__________Activello plugin for WordPress security bypassPlatforms Affected:Silkalns Activello plugin for WordPress 1.4.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Activello plugin for WordPress could allow...

Trellix Agent for macOS code execution | CVE-2023-0976

June 10, 2023

NAME__________Trellix Agent for macOS code executionPlatforms Affected:Trellix Agent for macOS 5.7.8Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Trellix Agent for macOS could allow a...

zxcvbn-ts denial of service | CVE-2023-34109

June 10, 2023

NAME__________zxcvbn-ts denial of servicePlatforms Affected:zxcvbn-ts zxcvbn-ts 3.0.1Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________zxcvbn-ts is vulnerable to a denial of service, caused by...

Gatsby local file include | CVE-2023-34238

June 10, 2023

NAME__________Gatsby local file includePlatforms Affected:Gatsby Gatsby 4.25.6 Gatsby Gatsby 5.9.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gatsby could allow a remote attacker to include...

ListingPro theme for WordPress information disclosure | CVE-2020-36723

June 10, 2023

NAME__________ListingPro theme for WordPress information disclosurePlatforms Affected:CridioStudio ListingPro theme for WordPress 2.6.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________ListingPro theme for WordPress could allow...

Page Builder: KingComposer plugin for WordPress cross-site scripting | CVE-2020-36709

June 10, 2023

NAME__________Page Builder: KingComposer plugin for WordPress cross-site scriptingPlatforms Affected:King-Theme Page Builder: KingComposer plugin for WordPress 2.9.3Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Page Builder:...

WPS Hide Login plugin for WordPress brute force | CVE-2020-36710

June 10, 2023

NAME__________WPS Hide Login plugin for WordPress brute forcePlatforms Affected:WPServeur NicolasKulka wpformation WPS Hide Login plugin for WordPress 1.5.4.2Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access...

Marval MSM default account | CVE-2023-33283

June 10, 2023

NAME__________Marval MSM default accountPlatforms Affected:Marval MSM 14.19.0.12476 Marval MSM 15.0Risk Level:5.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Marval MSM contains a static encryption key for...

Adning Advertising plugin for WordPress directory traversal | CVE-2020-36728

June 10, 2023

NAME__________Adning Advertising plugin for WordPress directory traversalPlatforms Affected:tunafish Adning Advertising plugin for WordPress 1.5.5Risk Level:6.5Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Adning Advertising plugin for...

Visual Composer plugin for WordPress cross-site scripting | CVE-2020-36722

June 10, 2023

NAME__________Visual Composer plugin for WordPress cross-site scriptingPlatforms Affected:visualcomposer.com Visual Composer plugin for WordPress 26.0Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Visual Composer plugin for...

Login/Signup Popup plugin for WordPress cross-site request forgery | CVE-2020-36715

June 10, 2023

ZTE MF286R code execution | CVE-2023-32180

June 10, 2023

NAME__________ZTE MF286R code executionPlatforms Affected:ZTE MF286RRisk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ZTE MF286R could allow a remote authenticated attacker within the local network...

Vulnerabilities

Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729

/tg/station tgstation-server information disclosure | CVE-2023-34243

Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729

Login/Signup Popup plugin for WordPress cross-site request forgery | CVE-2020-36715

MotoPress Getwid – Gutenberg Blocks plugin for WordPress security bypass | CVE-2023-1910

Advent/SSC Tamale RMS directory traversal | CVE-2023-33524

Golang Go privilege escalation | CVE-2023-29403

Advent/SSC Tamale RMS directory traversal | CVE-2023-33524

Gradio security bypass | CVE-2023-34239

Kali Forms plugin for WordPress security bypass | CVE-2020-36720

OpenZeppelin Contracts denial of service | CVE-2023-34234

Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729

Activello plugin for WordPress security bypass | CVE-2020-36721

Trellix Agent for macOS code execution | CVE-2023-0976

zxcvbn-ts denial of service | CVE-2023-34109

Gatsby local file include | CVE-2023-34238

ListingPro theme for WordPress information disclosure | CVE-2020-36723

Page Builder: KingComposer plugin for WordPress cross-site scripting | CVE-2020-36709

WPS Hide Login plugin for WordPress brute force | CVE-2020-36710

Marval MSM default account | CVE-2023-33283

Adning Advertising plugin for WordPress directory traversal | CVE-2020-36728

Visual Composer plugin for WordPress cross-site scripting | CVE-2020-36722

Login/Signup Popup plugin for WordPress cross-site request forgery | CVE-2020-36715

ZTE MF286R code execution | CVE-2023-32180

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA: CISA Adds One Vulnerability to the KEV Catalog

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

You may have missed