CVE-2024-3920 - Stored Cross-Site Scripting Vulnerability in Flattr WordPress Plugin through 1.2.2
The Flattr WordPress plugin, which is widely used to monetize blogs and websites, has been discovered to have a Stored Cross-Site Scripting (XSS) vulnerability.
CVE-2024-3917 - How a Simple XSS Bug in Pet Manager WordPress Plugin Lets Attackers Target Admins
If you run a WordPress site and use the popular Pet Manager plugin, there’s a critical security issue you need to know. CVE-2024-
CVE-2024-25738 - Critical SSRF in VuFind Lets Hackers Gain Admin Access & RCE (Full Details & Exploit)
Published: June 2024
What is CVE-2024-25738?
A new and dangerous vulnerability has come to light: CVE-2024-25738 is a Server-Side Request
CVE-2024-35560 - CSRF Vulnerability in idccms v1.35 – Full Exploit & Analysis
Date Reported: June 2024
Severity: High
Vulnerability Type: Cross-Site Request Forgery (CSRF)
Affected Software: idccms v1.35
Vulnerable Component: /admin/ca_deal.php?mudi=
CVE-2024-35554 - Exploiting CSRF in idccms v1.35's NewsWeb Delete Endpoint
Summary:
On June 2024, a Cross-Site Request Forgery (CSRF) vulnerability was found in idccms v1.35. Bad actors can exploit it to make unwanted
Episode
00:00:00
00:00:00