Category Archives: Advisories

vim-8.2.4428-1.fc34

Read Time:15 Second

FEDORA-2022-7ef65e6444

Packages in this update:

vim-8.2.4428-1.fc34

Update description:

Security fix for CVE-2022-0696

Security fix for CVE-2022-0629

Security fix for CVE-2022-0572

Security fixes for CVE-2022-0408, CVE-2022-0413, CVE-2022-0393, CVE-2022-0417, CVE-2022-0443

Read More

CVE-2021-24867

Read Time:15 Second

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Read More

CVE-2021-24921

Read Time:10 Second

The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues

Read More

CVE-2021-25057

Read Time:9 Second

The Translation Exchange WordPress plugin through 1.0.14 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS) within the Project Key text field found in the plugin’s settings.

Read More

CVE-2021-25060

Read Time:18 Second

The Five Star Business Profile and Schema WordPress plugin before 2.1.7 does not have any authorisation and CSRF in its bpfwp_welcome_add_contact_page and bpfwp_welcome_set_contact_information AJAX action, allowing any authenticated users, such as subscribers, to call them. Furthermore, due to the lack of sanitisation, it also lead to Stored Cross-Site Scripting issues

Read More