2022-09-17 04:59:49 +00:00
|
|
|
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
|
|
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
|
|
<channel>
|
|
|
|
<title>Muhammad Daffa</title>
|
|
|
|
<link>https://daffa.info/</link>
|
|
|
|
<description>Recent content on Muhammad Daffa</description>
|
|
|
|
<image>
|
|
|
|
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
|
|
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
|
|
|
</image>
|
|
|
|
<generator>Hugo -- gohugo.io</generator>
|
2022-11-16 00:20:03 +00:00
|
|
|
<lastBuildDate>Mon, 26 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/index.xml" rel="self" type="application/rss+xml" />
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-32587</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-32587/</link>
|
|
|
|
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-32587/</guid>
|
|
|
|
<description>WordPress WP Page Widget plugin &lt;= 3.9 - Cross-Site Request Forgery</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-38137</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-38137/</link>
|
|
|
|
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-38137/</guid>
|
|
|
|
<description>WordPress Analytify plugin &lt;= 4.2.2 - Cross-Site Request Forgery</description>
|
|
|
|
</item>
|
|
|
|
|
2022-09-24 04:16:36 +00:00
|
|
|
<item>
|
|
|
|
<title>CVE-2022-36340</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
|
|
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-36340/</guid>
|
|
|
|
<description>WordPress MailOptin plugin &lt;= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-38095</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-38095/</link>
|
|
|
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-38095/</guid>
|
|
|
|
<description>WordPress Advanced Dynamic Pricing for WooCommerce plugin &lt;= 4.1.3 - Cross-Site Request Forgery</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-38134</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-38134/</link>
|
|
|
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-38134/</guid>
|
|
|
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Authenticated Broken Access Control</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-40132</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-40132/</link>
|
|
|
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-40132/</guid>
|
|
|
|
<description>WordPress Seriously Simple Podcasting plugin &lt;= 2.16.0 - Cross-Site Request Forgery</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-40194</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-40194/</link>
|
|
|
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-40194/</guid>
|
|
|
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Sensitive Information Disclosure</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-38470</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-38470/</link>
|
|
|
|
<pubDate>Thu, 22 Sep 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-38470/</guid>
|
|
|
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Cross-Site Request Forgery</description>
|
|
|
|
</item>
|
|
|
|
|
2022-09-17 04:59:49 +00:00
|
|
|
<item>
|
|
|
|
<title>CVE-2022-36282</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
|
|
|
<pubDate>Tue, 23 Aug 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-36282/</guid>
|
|
|
|
<description>Search Exclude &lt; 1.2.7 - Author+ Stored Cross-Site Scripting</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
2022-09-24 04:16:36 +00:00
|
|
|
<title>CVE-2022-34347</title>
|
2022-09-17 04:59:49 +00:00
|
|
|
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
|
|
|
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-34347/</guid>
|
|
|
|
<description>Download Manager &lt; 3.2.49 - Clear Stats &amp; Cache via CSRF</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-36346</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-36346/</link>
|
|
|
|
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-36346/</guid>
|
|
|
|
<description>MaxButtons &lt; 9.3 - Arbitrary Settings Update via CSRF</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-33201</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-33201/</link>
|
|
|
|
<pubDate>Sun, 08 May 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-33201/</guid>
|
|
|
|
<description>MailerLite - Signup forms (official) &lt; 1.5.7 - API Key Update via CSRF</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-27848</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-27848/</link>
|
|
|
|
<pubDate>Thu, 14 Apr 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-27848/</guid>
|
|
|
|
<description>Modern Events Calendar Lite &lt; 6.5.2 - Admin+ Stored Cross-Site Scripting</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-27844</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-27844/</link>
|
|
|
|
<pubDate>Mon, 11 Apr 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-27844/</guid>
|
|
|
|
<description>WPvivid Backup and Migration Plugin &lt; 0.9.71 - Admin+ Arbitrary File Download</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-25618</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-25618/</link>
|
|
|
|
<pubDate>Mon, 04 Apr 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-25618/</guid>
|
|
|
|
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
|
|
|
</item>
|
|
|
|
|
2022-09-24 04:16:36 +00:00
|
|
|
<item>
|
|
|
|
<title>CVE-2022-38704</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-38704/</link>
|
|
|
|
<pubDate>Wed, 23 Feb 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-38704/</guid>
|
|
|
|
<description>WordPress SEO Redirection plugin &lt;= 8.9 - Cross-Site Request Forgery</description>
|
|
|
|
</item>
|
|
|
|
|
2022-09-17 04:59:49 +00:00
|
|
|
<item>
|
|
|
|
<title>CVE-2022-23983</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
|
|
|
<pubDate>Mon, 21 Feb 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-23983/</guid>
|
|
|
|
<description>WP Content Copy Protection &amp; No Right Click &lt; 3.4.5 - Settings Update via CSRF</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2022-23984</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2022-23984/</link>
|
|
|
|
<pubDate>Mon, 21 Feb 2022 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2022-23984/</guid>
|
|
|
|
<description>wpDiscuz &lt; 7.3.12 - Sensitive Information Disclosure</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2021-24561</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2021-24561/</link>
|
|
|
|
<pubDate>Mon, 26 Jul 2021 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2021-24561/</guid>
|
|
|
|
<description>WP SMS &lt; 5.4.13 - Authenticated Stored Cross-Site Scripting</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2021-24531</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2021-24531/</link>
|
|
|
|
<pubDate>Wed, 21 Jul 2021 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2021-24531/</guid>
|
|
|
|
<description>Charitable - Donation Plugin &lt; 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS)</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
<item>
|
|
|
|
<title>CVE-2021-24519</title>
|
|
|
|
<link>https://daffa.info/cve/cve-2021-24519/</link>
|
|
|
|
<pubDate>Mon, 19 Jul 2021 11:30:03 +0000</pubDate>
|
|
|
|
|
|
|
|
<guid>https://daffa.info/cve/cve-2021-24519/</guid>
|
|
|
|
<description>Vik Rent Car &lt; 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS)</description>
|
|
|
|
</item>
|
|
|
|
|
|
|
|
|
|
|
|
</channel>
|
|
|
|
</rss>
|