NanoCMS v0.4 – Remote Code Execution (RCE) (Authenticated)
>> AUTHOR: deepcore
NanoCMS v0.4 – Remote Code Execution (RCE) (Authenticated)
Webmin 1.996 – Remote Code Execution (RCE) (Authenticated)
WordPress Plugin Duplicator 1.4.6 – Unauthenticated Backup Download
Wavlink WN530HG4 – Password Disclosure
Easy Chat Server 3.1 – Remote Stack Buffer Overflow (SEH)
Wavlink WN533A8 – Cross-Site Scripting (XSS)
Wavlink WN533A8 – Password Disclosure
WordPress WP-UserOnline plugin versions 2.87.6 and below suffer from a persistent cross site scripting vulnerability.
Transposh WordPress Translation versions 1.0.7 and below have an ajax action “tp_tp” that is vulnerable to an unauthenticated/authenticated reflected cross site scripting vulnerability when user-supplied input to the HTTP GET…
Transposh WordPress Translation versions 1.0.7 and below have an ajax action “tp_translation” which is available to authenticated or unauthenticated users (see CVE-2022-2461) that allows them to submit new translations. Translations…