Posted by Julien Ahrens (RCE Security) on Feb 14
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
=======================
Product: Quiz And Survey Master
Vendor URL: https://wordpress.org/plugins/quiz-master-next/
Type: Missing Authentication for Critical Function [CWE-306]
Date found: 2023-01-13
Date published: 2023-02-08
CVSSv3 Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVE: CVE-2023-0291
2. CREDITS
==========…
More Stories
clamav-1.0.6-1.fc40
FEDORA-2024-34474f346b Packages in this update: clamav-1.0.6-1.fc40 Update description: ClamAV 1.0.6 is a critical patch release with the following fixes: Updated...
clamav-1.0.6-1.fc39
FEDORA-2024-1a79c2ef63 Packages in this update: clamav-1.0.6-1.fc39 Update description: ClamAV 1.0.6 is a critical patch release with the following fixes: Updated...
clamav-1.0.6-1.el9
FEDORA-EPEL-2024-25c9732d41 Packages in this update: clamav-1.0.6-1.el9 Update description: ClamAV 1.0.6 is a critical patch release with the following fixes: Updated...
clamav-1.0.6-1.fc38
FEDORA-2024-92b8ac25a5 Packages in this update: clamav-1.0.6-1.fc38 Update description: ClamAV 1.0.6 is a critical patch release with the following fixes: Updated...
USN-6754-1: nghttp2 vulnerabilities
It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause...
USN-6753-1: CryptoJS vulnerability
Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use...