Skip to main content
CVE-2023-0556 CRITICAL POC PATCH Act Now

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass WordPress Contentstudio
NVD VulDB
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-0558 HIGH POC This Week

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Contentstudio
NVD VulDB
CVSS 3.1
8.2
EPSS
1.6%
CVE-2023-0557 HIGH POC PATCH This Week

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure WordPress Contentstudio
NVD VulDB
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-0529 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2023-0528 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2023-0527 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Security Guards Hiring System
NVD GitHub VulDB Exploit-DB
CVSS 3.1
6.1
EPSS
6.2%
CVE-2023-0530 CRITICAL Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-0549 MEDIUM POC PATCH This Month

A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Yaf Net
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-24060 MEDIUM POC This Month

Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Haven
NVD GitHub
CVSS 3.1
5.0
EPSS
0.5%
CVE-2023-0534 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0533 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0532 MEDIUM POC This Month

A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0531 MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0550 HIGH PATCH This Week

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

WordPress Authentication Bypass Quick Restaurant Menu
NVD VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2023-0555 HIGH PATCH This Week

The Quick Restaurant Menu plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.0.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Quick Restaurant Menu
NVD VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2023-0554 HIGH PATCH This Week

The Quick Restaurant Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Quick Restaurant Menu
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2023-22242 HIGH This Week

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Acrobat +3
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-22241 HIGH This Week

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Acrobat +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22240 HIGH This Week

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Acrobat +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22740 MEDIUM PATCH This Month

Discourse is an open source platform for community discussion. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Discourse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-0553 MEDIUM PATCH This Month

The Quick Restaurant Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 2.0.2 due to insufficient input sanitization. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Quick Restaurant Menu
NVD VulDB
CVSS 3.1
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy