CVE-2023-32117 - Exploiting the Missing Authorization in SoftLab Integrate Google Drive (n/a - 1.1.99)
The digital world runs on cloud connectors, but sometimes, integration plugins forget to ask, “Are you allowed in?” That’s exactly what happened with CVE-2023-32117;
CVE-2023-47838 - Exploiting Missing Authorization in Conditional Fields for Contact Form 7 (n/a–2.4.1)
On November 22, 2023, CVE-2023-47838 was published, describing a Missing Authorization vulnerability in the popular WordPress plugin, Conditional Fields for Contact Form 7 by Jules
CVE-2023-47871 - Exploiting Missing Authorization in IT Path Solutions Contact Form to Any API (up to v1.1.6)
CVE-2023-47871 is a critical security vulnerability affecting the WordPress plugin Contact Form to Any API by IT Path Solutions, versions up to and including 1.
CVE-2024-55580 - Remote Command Execution Vulnerability in Qlik Sense Enterprise for Windows — What You Need to Know
A critical vulnerability, CVE-2024-55580, has been discovered in Qlik Sense Enterprise for Windows. It affects versions before the November 2024 Initial Release (IR) as well
CVE-2024-11380 - Stored XSS in WordPress Mini Program API Plugin (qvideo Shortcode) All Versions ≤ 1.4.5 – Explained & Exploited
WordPress is the world’s favorite CMS, but sometimes its power comes with risk. On February 26, 2024, a security flaw was reported in the
Episode
00:00:00
00:00:00