WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user supplied zip…
WordPress WPvivid Backup plugin versions prior to 0.9.76 suffer from a path traversal vulnerability.
http://www.kksec.go.th/read.html notified by ./Niz4r
Joomla JUX Charity Hub extension version 1.0.4 suffers from a remote SQL injection vulnerability.
Joomla Easy Shop extension version 1.4.1 suffers from a cross site scripting vulnerability.
Joomla JKassa ShoppingCart extension version 2.0.0 suffers from a remote SQL injection vulnerability.
Google Chrome version 103.0.5060.53 suffers from an Autofill Assistant universal cross site scripting vulnerability.
Google Chrome version 103.0.5060.53 (Official Build) and Chromium version 105.0.5148.0 (Developer Build) (64-bit) suffer from a network::URLLoader::NotifyCompleted heap use-after-free vulnerability.
Joomla MarvikShop ShoppingCart extension version 3.4 suffers from a remote SQL injection vulnerability.
Joomla MarvikShop ShoppingCart extension version 3.4 suffers from a suffers from a cross site scripting vulnerability.