CVE-2023-0058 - Cyber Security News

Read Time:14 Second

The Tiempo.com WordPress plugin through 0.1.2 does not have CSRF check when creating and editing its shortcode, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

More Stories

USN-7449-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7463-1: Linux kernel (IBM) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

xz-5.8.1-2.fc42

FEDORA-2025-7f00e5e744 Packages in this update: xz-5.8.1-2.fc42 Update description: New upstream version 5.8.1 (with a rebuild to try and fix a...

USN-7462-2: Linux kernel (AWS FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7462-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7461-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...