CVE-2022-40217 The WPide plugin has an authenticated Arbitrary File Edit/Upload vulnerability at WordPress.
All versions of WordPress and XplodedThemes WPide plugin are vulnerable to this arbitrary file edit/upload vulnerability. You can discover the vulnerable version of XplodedThemes
CVE-2022-36386 Soflyy Import any XML or CSV File to WordPress plugin 3.6.7 is vulnerable to Arbitrary Code Execution.
XML or CSV files are very common and used in many websites and online service providers. This plugin is used to import data from CSV
CVE-2022-3251 Cookie in HTTPS session without 'secure' attribute in GitHub repository ikus060/minarca before 4.2.2.
This issue has been patched in 4.2.2, Keep in mind that 4.2.2 is still in development, so not all of the
CVE-2022-37246 Cross Site Scripting (XSS) in the file src/web/assets/cp/src/js/BaseElementSelectInput.js and on the line label: elementInfo.label.
An attacker can leverage this vulnerability to execute arbitrary script code in the user's browser session.
What's more, this vulnerability can
CVE-2022-2872 An upload of a file with a dangerous type was allowed in the OctoPrint GitHub repository before 1.8.3.
The only restriction is that the file cannot be dangerous according to unstable_type_unsafe in the file itself and if the file is not
Episode
00:00:00
00:00:00