feat: added desc CVE-2022-32587
parent
5903fc3c13
commit
652a1d864c
|
@ -16,7 +16,7 @@ params:
|
|||
env: production # to enable google analytics, opengraph, twitter-cards and schema.
|
||||
title: Muhammad Daffa
|
||||
description: "Portfolio by Muhammad Daffa"
|
||||
keywords: [Blog, Portfolio]
|
||||
keywords: [Portfolio]
|
||||
author: Muhammad Daffa
|
||||
# author: ["Me", "You"] # multiple authors
|
||||
images: ["<link or path of image for opengraph, twitter-cards>"]
|
||||
|
|
|
@ -0,0 +1,54 @@
|
|||
---
|
||||
title: "CVE-2022-32587"
|
||||
date: 2022-09-26T11:30:03+00:00
|
||||
# weight: 1
|
||||
# aliases: ["/first"]
|
||||
tags: ["cve"]
|
||||
author: "Muhammad Daffa"
|
||||
# author: ["Me", "You"] # multiple authors
|
||||
showToc: true
|
||||
TocOpen: true
|
||||
draft: false
|
||||
hidemeta: true
|
||||
comments: false
|
||||
description: "WordPress WP Page Widget plugin <= 3.9 - Cross-Site Request Forgery"
|
||||
canonicalURL: "https://canonical.url/to/page"
|
||||
disableHLJS: false # to disable highlightjs
|
||||
disableShare: false
|
||||
hideSummary: false
|
||||
searchHidden: true
|
||||
ShowReadingTime: false
|
||||
ShowBreadCrumbs: true
|
||||
ShowPostNavLinks: true
|
||||
ShowWordCount: false
|
||||
ShowRssButtonInSectionTermList: true
|
||||
UseHugoToc: true
|
||||
cover:
|
||||
image: "<image path/url>" # image path/url
|
||||
alt: "<alt text>" # alt text
|
||||
caption: "<text>" # display caption under cover
|
||||
relative: false # when using page bundles set this to true
|
||||
hidden: true # only hide on current single page
|
||||
# editPost:
|
||||
# URL: "https://github.com/<path_to_repo>/content"
|
||||
# Text: "Suggest Changes" # edit text
|
||||
# appendFilePath: true # to append file path to Edit link
|
||||
---
|
||||
## Description
|
||||
Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change.
|
||||
|
||||
## Plugin Name
|
||||
[WP Page Widget](https://wordpress.org/plugins/wp-page-widget/)
|
||||
|
||||
## Installation Number
|
||||
60,000+
|
||||
|
||||
## Affected Version
|
||||
<= 3.9
|
||||
|
||||
## Fixed Version
|
||||
4.0
|
||||
|
||||
## Advisory link
|
||||
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32587)
|
||||
* [Patchstack](https://patchstack.com/database/vulnerability/wp-page-widget/wordpress-wp-page-widget-plugin-3-9-cross-site-request-forgery-csrf-vulnerability)
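Review bot: The front matter of this new page still carries the archetype placeholder `canonicalURL: "https://canonical.url/to/page"`, so the published advisory would name a canonical URL on a domain the site does not control (assuming the theme emits this value as the page's `rel=canonical` link). Remove the key or point it at the page itself, `canonicalURL: "https://daffa.info/cve/cve-2022-32587/"`, which is the link the RSS hunk in this commit shows for the page. The `cover` block is also unfilled (`image: "<image path/url>"`, `alt: "<alt text>"`, `caption: "<text>"`); `hidden: true` only hides it on the single page according to its own comment, so dropping the block avoids a broken image reference elsewhere. The CVE-2022-38137 page added in this commit has the same placeholders.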
|
|
@ -0,0 +1,54 @@
|
|||
---
|
||||
title: "CVE-2022-38137"
|
||||
date: 2022-09-26T11:30:03+00:00
|
||||
# weight: 1
|
||||
# aliases: ["/first"]
|
||||
tags: ["cve"]
|
||||
author: "Muhammad Daffa"
|
||||
# author: ["Me", "You"] # multiple authors
|
||||
showToc: true
|
||||
TocOpen: true
|
||||
draft: false
|
||||
hidemeta: true
|
||||
comments: false
|
||||
description: "WordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery"
|
||||
canonicalURL: "https://canonical.url/to/page"
|
||||
disableHLJS: false # to disable highlightjs
|
||||
disableShare: false
|
||||
hideSummary: false
|
||||
searchHidden: true
|
||||
ShowReadingTime: false
|
||||
ShowBreadCrumbs: true
|
||||
ShowPostNavLinks: true
|
||||
ShowWordCount: false
|
||||
ShowRssButtonInSectionTermList: true
|
||||
UseHugoToc: true
|
||||
cover:
|
||||
image: "<image path/url>" # image path/url
|
||||
alt: "<alt text>" # alt text
|
||||
caption: "<text>" # display caption under cover
|
||||
relative: false # when using page bundles set this to true
|
||||
hidden: true # only hide on current single page
|
||||
# editPost:
|
||||
# URL: "https://github.com/<path_to_repo>/content"
|
||||
# Text: "Suggest Changes" # edit text
|
||||
# appendFilePath: true # to append file path to Edit link
|
||||
---
|
||||
## Description
|
||||
-
|
||||
|
||||
## Plugin Name
|
||||
[Analytify – Google Analytics Dashboard For WordPress](https://wordpress.org/plugins/wp-analytify/)
|
||||
|
||||
## Installation Number
|
||||
60,000+
|
||||
|
||||
## Affected Version
|
||||
<= 4.2.2
|
||||
|
||||
## Fixed Version
|
||||
4.2.3
|
||||
|
||||
## Advisory link
|
||||
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38137)
|
||||
* [Patchstack](https://patchstack.com/database/vulnerability/wp-analytify/wordpress-analytify-plugin-4-2-2-cross-site-request-forgery-csrf-vulnerability)
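Review bot: The `## Description` section of this page contains only `-`, yet the page is published with `draft: false`, so the advisory goes live without stating what the issue is; the tag listing generated in this commit renders its summary as "Description Plugin Name Analytify …". Fill it in from the CVE record in the same form as the sibling page, starting from the front-matter wording, e.g. `Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress.`, and add the impact as stated in the linked MITRE or Patchstack entry, or set `draft: true` until the text is ready. The `Installation Number` of `60,000+` is identical to the WP Page Widget page and may have been carried over from it, so it is worth confirming against the plugin listing.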
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -9,7 +9,25 @@
|
|||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||
</image>
|
||||
<generator>Hugo -- gohugo.io</generator>
|
||||
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/cve/index.xml" rel="self" type="application/rss+xml" />
|
||||
<lastBuildDate>Mon, 26 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/cve/index.xml" rel="self" type="application/rss+xml" />
|
||||
<item>
|
||||
<title>CVE-2022-32587</title>
|
||||
<link>https://daffa.info/cve/cve-2022-32587/</link>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/cve/cve-2022-32587/</guid>
|
||||
<description>WordPress WP Page Widget plugin &lt;= 3.9 - Cross-Site Request Forgery</description>
|
||||
</item>
|
||||
|
||||
<item>
|
||||
<title>CVE-2022-38137</title>
|
||||
<link>https://daffa.info/cve/cve-2022-38137/</link>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/cve/cve-2022-38137/</guid>
|
||||
<description>WordPress Analytify plugin &lt;= 4.2.2 - Cross-Site Request Forgery</description>
|
||||
</item>
|
||||
|
||||
<item>
|
||||
<title>CVE-2022-36340</title>
|
||||
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -9,7 +9,25 @@
|
|||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||
</image>
|
||||
<generator>Hugo -- gohugo.io</generator>
|
||||
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/index.xml" rel="self" type="application/rss+xml" />
|
||||
<lastBuildDate>Mon, 26 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/index.xml" rel="self" type="application/rss+xml" />
|
||||
<item>
|
||||
<title>CVE-2022-32587</title>
|
||||
<link>https://daffa.info/cve/cve-2022-32587/</link>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/cve/cve-2022-32587/</guid>
|
||||
<description>WordPress WP Page Widget plugin &lt;= 3.9 - Cross-Site Request Forgery</description>
|
||||
</item>
|
||||
|
||||
<item>
|
||||
<title>CVE-2022-38137</title>
|
||||
<link>https://daffa.info/cve/cve-2022-38137/</link>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/cve/cve-2022-38137/</guid>
|
||||
<description>WordPress Analytify plugin &lt;= 4.2.2 - Cross-Site Request Forgery</description>
|
||||
</item>
|
||||
|
||||
<item>
|
||||
<title>CVE-2022-36340</title>
|
||||
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
||||
|
|
|
@ -3,7 +3,22 @@
|
|||
xmlns:xhtml="http://www.w3.org/1999/xhtml">
|
||||
<url>
|
||||
<loc>https://daffa.info/tags/cve/</loc>
|
||||
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||
<lastmod>2022-09-26T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/cve/cve-2022-32587/</loc>
|
||||
<lastmod>2022-09-26T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/cve/cve-2022-38137/</loc>
|
||||
<lastmod>2022-09-26T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/cve/</loc>
|
||||
<lastmod>2022-09-26T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/</loc>
|
||||
<lastmod>2022-09-26T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/tags/</loc>
|
||||
<lastmod>2022-09-26T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/cve/cve-2022-36340/</loc>
|
||||
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||
|
@ -19,15 +34,6 @@
|
|||
</url><url>
|
||||
<loc>https://daffa.info/cve/cve-2022-40194/</loc>
|
||||
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/cve/</loc>
|
||||
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/</loc>
|
||||
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/tags/</loc>
|
||||
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||
</url><url>
|
||||
<loc>https://daffa.info/cve/cve-2022-38470/</loc>
|
||||
<lastmod>2022-09-22T11:30:03+00:00</lastmod>
|
||||
|
|
|
@ -1,5 +1,14 @@
|
|||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" 
content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu 
aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36340</h2></header><div class=entry-content><p>Description Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-32587</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change.
|
||||
Plugin Name WP Page Widget
|
||||
Installation Number 60,000+
|
||||
Affected Version <= 3.9
|
||||
Fixed Version 4.0
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-32587" href=https://daffa.info/cve/cve-2022-32587/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38137</h2></header><div class=entry-content><p>Description Plugin Name Analytify – Google Analytics Dashboard For WordPress
|
||||
Installation Number 60,000+
|
||||
Affected Version <= 4.2.2
|
||||
Fixed Version 4.2.3
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38137" href=https://daffa.info/cve/cve-2022-38137/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36340</h2></header><div class=entry-content><p>Description Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
|
||||
Plugin Name Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin
|
||||
Installation Number 30,000+
|
||||
Affected Version <= 1.2.49.0
|
||||
|
@ -14,17 +23,7 @@ Plugin Name Customer Reviews for WooCommerce
|
|||
Installation Number 50,000+
|
||||
Affected Version <= 5.3.5
|
||||
Fixed Version 5.3.6
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38134" href=https://daffa.info/cve/cve-2022-38134/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-40132</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change.
|
||||
Plugin Name Seriously Simple Podcasting
|
||||
Installation Number 30,000+
|
||||
Affected Version <= 2.16.0
|
||||
Fixed Version 2.16.1
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-40132" href=https://daffa.info/cve/cve-2022-40132/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-40194</h2></header><div class=entry-content><p>Description Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress
|
||||
Plugin Name Customer Reviews for WooCommerce
|
||||
Installation Number 50,000+
|
||||
Affected Version <= 5.3.5
|
||||
Fixed Version 5.3.6
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-40194" href=https://daffa.info/cve/cve-2022-40194/></a></article><footer class=page-footer><nav class=pagination><a class=next href=https://daffa.info/tags/cve/page/2/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38134" href=https://daffa.info/cve/cve-2022-38134/></a></article><footer class=page-footer><nav class=pagination><a class=next href=https://daffa.info/tags/cve/page/2/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
<span>Powered by
|
||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -9,7 +9,25 @@
|
|||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||
</image>
|
||||
<generator>Hugo -- gohugo.io</generator>
|
||||
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/cve/index.xml" rel="self" type="application/rss+xml" />
|
||||
<lastBuildDate>Mon, 26 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/cve/index.xml" rel="self" type="application/rss+xml" />
|
||||
<item>
|
||||
<title>CVE-2022-32587</title>
|
||||
<link>https://daffa.info/cve/cve-2022-32587/</link>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/cve/cve-2022-32587/</guid>
|
||||
<description>WordPress WP Page Widget plugin &lt;= 3.9 - Cross-Site Request Forgery</description>
|
||||
</item>
|
||||
|
||||
<item>
|
||||
<title>CVE-2022-38137</title>
|
||||
<link>https://daffa.info/cve/cve-2022-38137/</link>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/cve/cve-2022-38137/</guid>
|
||||
<description>WordPress Analytify plugin &lt;= 4.2.2 - Cross-Site Request Forgery</description>
|
||||
</item>
|
||||
|
||||
<item>
|
||||
<title>CVE-2022-36340</title>
|
||||
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
||||
|
|
|
@ -1,5 +1,15 @@
|
|||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" 
content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu 
aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38470</h2></header><div class=entry-content><p>Description Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-40132</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change.
|
||||
Plugin Name Seriously Simple Podcasting
|
||||
Installation Number 30,000+
|
||||
Affected Version <= 2.16.0
|
||||
Fixed Version 2.16.1
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-40132" href=https://daffa.info/cve/cve-2022-40132/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-40194</h2></header><div class=entry-content><p>Description Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress
|
||||
Plugin Name Customer Reviews for WooCommerce
|
||||
Installation Number 50,000+
|
||||
Affected Version <= 5.3.5
|
||||
Fixed Version 5.3.6
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-40194" href=https://daffa.info/cve/cve-2022-40194/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38470</h2></header><div class=entry-content><p>Description Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
|
||||
Plugin Name Customer Reviews for WooCommerce
|
||||
Installation Number 50,000+
|
||||
Affected Version <= 5.3.5
|
||||
|
@ -14,17 +24,7 @@ Plugin Name Download Manager
|
|||
Installation Number 100,000+
|
||||
Affected Version <= 3.2.48
|
||||
Fixed Version 3.2.49
|
||||
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-22 11:30:03 +0000 UTC'>August 22, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-34347" href=https://daffa.info/cve/cve-2022-34347/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36346</h2></header><div class=entry-content><p>Description Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress.
|
||||
Plugin Name MaxButtons
|
||||
Installation Number 100,000+
|
||||
Affected Version <= 9.2
|
||||
Fixed Version 9.3
|
||||
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-22 11:30:03 +0000 UTC'>August 22, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-36346" href=https://daffa.info/cve/cve-2022-36346/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-33201</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key.
|
||||
Plugin Name MailerLite – Signup forms (official)
|
||||
Installation Number 60,000+
|
||||
Affected Version <= 1.5.6
|
||||
Fixed Version 1.5.7
|
||||
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-05-08 11:30:03 +0000 UTC'>May 8, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-33201" href=https://daffa.info/cve/cve-2022-33201/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/>« Prev </a>
|
||||
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-22 11:30:03 +0000 UTC'>August 22, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-34347" href=https://daffa.info/cve/cve-2022-34347/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/>« Prev </a>
|
||||
<a class=next href=https://daffa.info/tags/cve/page/3/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
<span>Powered by
|
||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||
|
|
|
@ -1,5 +1,15 @@
|
|||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" 
content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu 
aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-27848</h2></header><div class=entry-content><p>Description Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36346</h2></header><div class=entry-content><p>Description Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress.
|
||||
Plugin Name MaxButtons
|
||||
Installation Number 100,000+
|
||||
Affected Version <= 9.2
|
||||
Fixed Version 9.3
|
||||
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-22 11:30:03 +0000 UTC'>August 22, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-36346" href=https://daffa.info/cve/cve-2022-36346/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-33201</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key.
|
||||
Plugin Name MailerLite – Signup forms (official)
|
||||
Installation Number 60,000+
|
||||
Affected Version <= 1.5.6
|
||||
Fixed Version 1.5.7
|
||||
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-05-08 11:30:03 +0000 UTC'>May 8, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-33201" href=https://daffa.info/cve/cve-2022-33201/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-27848</h2></header><div class=entry-content><p>Description Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1
|
||||
Plugin Name Modern Events Calendar Lite
|
||||
Installation Number 100,000+ (Closed)
|
||||
Affected Version <= 6.5.1
|
||||
|
@ -14,17 +24,7 @@ Plugin Name wpDataTables
|
|||
Installation Number 60,000+
|
||||
Affected Version <= 2.1.27
|
||||
Fixed Version 2.1.28
|
||||
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-04-04 11:30:03 +0000 UTC'>April 4, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-25618" href=https://daffa.info/cve/cve-2022-25618/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38704</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
|
||||
Plugin Name SEO Redirection Plugin – 301 Redirect Manager
|
||||
Installation Number 30,000+
|
||||
Affected Version <= 8.9
|
||||
Fixed Version 9.1
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38704" href=https://daffa.info/cve/cve-2022-38704/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-23983</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
|
||||
Plugin Name WP Content Copy Protection & No Right Click
|
||||
Installation Number 100,000+
|
||||
Affected Version <= 3.4.4
|
||||
Fixed Version 3.4.5
|
||||
Advisory link MITRE WPScan Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-23983" href=https://daffa.info/cve/cve-2022-23983/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/2/>« Prev </a>
|
||||
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-04-04 11:30:03 +0000 UTC'>April 4, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-25618" href=https://daffa.info/cve/cve-2022-25618/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/2/>« Prev </a>
|
||||
<a class=next href=https://daffa.info/tags/cve/page/4/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
<span>Powered by
|
||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||
|
|
|
@ -1,5 +1,15 @@
|
|||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" 
content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu 
aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-23984</h2></header><div class=entry-content><p>Description Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38704</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
|
||||
Plugin Name SEO Redirection Plugin – 301 Redirect Manager
|
||||
Installation Number 30,000+
|
||||
Affected Version <= 8.9
|
||||
Fixed Version 9.1
|
||||
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38704" href=https://daffa.info/cve/cve-2022-38704/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-23983</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
|
||||
Plugin Name WP Content Copy Protection & No Right Click
|
||||
Installation Number 100,000+
|
||||
Affected Version <= 3.4.4
|
||||
Fixed Version 3.4.5
|
||||
Advisory link MITRE WPScan Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-23983" href=https://daffa.info/cve/cve-2022-23983/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-23984</h2></header><div class=entry-content><p>Description Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
|
||||
Plugin Name wpDiscuz
|
||||
Installation Number 90,000+
|
||||
Affected Version <= 7.3.11
|
||||
|
@ -14,12 +24,8 @@ Plugin Name Charitable
|
|||
Installation Number 10,000+
|
||||
Affected Version <= 1.6.50
|
||||
Fixed Version 1.6.51
|
||||
Advisory Link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-21 11:30:03 +0000 UTC'>July 21, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24531" href=https://daffa.info/cve/cve-2021-24531/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2021-24519</h2></header><div class=entry-content><p>Description The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the ‘Text Next to Icon’ field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue
|
||||
Plugin Name VikRentCar
|
||||
Installation Number 1,000+
|
||||
Affected Version <= 1.1.9
|
||||
Fixed Version 1.1.10
|
||||
Advisory Link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-19 11:30:03 +0000 UTC'>July 19, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24519" href=https://daffa.info/cve/cve-2021-24519/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/3/>« Prev </a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
Advisory Link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-21 11:30:03 +0000 UTC'>July 21, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24531" href=https://daffa.info/cve/cve-2021-24531/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/3/>« Prev </a>
|
||||
<a class=next href=https://daffa.info/tags/cve/page/5/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
<span>Powered by
|
||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -0,0 +1,10 @@
|
|||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" 
content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu 
aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2021-24519</h2></header><div class=entry-content><p>Description The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the ‘Text Next to Icon’ field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue
|
||||
Plugin Name VikRentCar
|
||||
Installation Number 1,000+
|
||||
Affected Version <= 1.1.9
|
||||
Fixed Version 1.1.10
|
||||
Advisory Link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-19 11:30:03 +0000 UTC'>July 19, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24519" href=https://daffa.info/cve/cve-2021-24519/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/4/>« Prev </a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||
<span>Powered by
|
||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
File diff suppressed because one or more lines are too long
|
@ -9,11 +9,11 @@
|
|||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||
</image>
|
||||
<generator>Hugo -- gohugo.io</generator>
|
||||
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/index.xml" rel="self" type="application/rss+xml" />
|
||||
<lastBuildDate>Mon, 26 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/index.xml" rel="self" type="application/rss+xml" />
|
||||
<item>
|
||||
<title>cve</title>
|
||||
<link>https://daffa.info/tags/cve/</link>
|
||||
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||
<pubDate>Mon, 26 Sep 2022 11:30:03 +0000</pubDate>
|
||||
|
||||
<guid>https://daffa.info/tags/cve/</guid>
|
||||
<description></description>
|
||||
|
|