The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to invoke these functions which can be used to perform actions like modify form submission records, deleting files, sending test emails, modifying plugin settings, and more.
More Stories
cups-2.4.10-7.fc39 cups-browsed-2.0.1-3.fc39 libcupsfilters-2.1~b1-3.fc39 libppd-2.1~b1-2.fc39
FEDORA-2024-cf6ab63871 Packages in this update: cups-2.4.10-7.fc39 cups-browsed-2.0.1-3.fc39 libcupsfilters-2.1~b1-3.fc39 libppd-2.1~b1-2.fc39 Update description: Fix for remote vulnerabilities against OpenPrinting cups-filters Read More
cups-2.4.10-7.fc40 cups-browsed-2.0.1-3.fc40 libcupsfilters-2.1~b1-3.fc40 libppd-2.1~b1-2.fc40
FEDORA-2024-01127974ec Packages in this update: cups-2.4.10-7.fc40 cups-browsed-2.0.1-3.fc40 libcupsfilters-2.1~b1-3.fc40 libppd-2.1~b1-2.fc40 Update description: Fix for remote vulnerabilities against OpenPrinting cups-filters Read More
cups-2.4.10-7.fc41 cups-browsed-2.0.1-3.fc41 libcupsfilters-2.1~b1-3.fc41 libppd-2.1~b1-2.fc41
FEDORA-2024-3fc82fed09 Packages in this update: cups-2.4.10-7.fc41 cups-browsed-2.0.1-3.fc41 libcupsfilters-2.1~b1-3.fc41 libppd-2.1~b1-2.fc41 Update description: Fix for remove vulnerabilities against OpenPrinting cups-filters Read More
USN-7045-1: libppd vulnerability
Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this...
USN-7044-1: libcupsfilters vulnerability
Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this...
USN-7043-1: cups-filters vulnerabilities
Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network....