all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Rank Math SEO < 1.0.219 - Authenticated Stored XSSThe Rank Math SEO WordPress...

Add to bookmarks
July 2, 2024, 6 a.m. |

CVE | THREATINT - NEW cve.threatint.com

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such acce...

access admin default escape general math plugin seo settings wordpress wordpress plugin

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 19 hours ago | cve.threatint.com
amp app file found +7
Red Lion Europe: mbNET.mini vulnerable to OS command injectionA high privileg... 19 hours ago | cve.threatint.com
attacker can command commands +8
Uncontrolled Resource Consumption vulnerability in MESbookUncontrolled Resour... 19 hours ago | cve.threatint.com
attacker can code inject +8
Information exposure vulnerability vulnerability in MESbookInformation exposu... 19 hours ago | cve.threatint.com
access api attacker changing +8
playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 21 hours ago | cve.threatint.com
amp app file found +5
Limited DoS due to permitting creating users with user-defined IDsMattermost ... 22 hours ago | cve.threatint.com
attacker defined dos fail +2
RemoteClusterFrame payloads are audit logged in fullMattermost versions 9.5.x... 23 hours ago | cve.threatint.com
access attacker audit audit logs +7
Creating posts with user-defined IDs permitted in CreatePost APIMattermost ve... 23 hours ago | cve.threatint.com
attacker defined fail ids +3
Timing attack during remote cluster token comparison when shared channels are... 23 hours ago | cve.threatint.com
attack cluster fail mattermost +4

Jobs in InfoSec / Cybersecurity

Find Talent

All-Source Analyst (Watch Floor) - Senior

@ Global Dimensions | Columbia, Maryland, United States
View on infosec-jobs.com

Field Account Executive

@ Darktrace | Kentucky, United States
View on infosec-jobs.com

Technical Operations Engineer - International

@ Anduril | London, England, United Kingdom
View on infosec-jobs.com

Associate Analyst - Managed Security Services

@ Millennium IT ESP | Madhupur Upazila, Dhaka Division, Bangladesh
View on infosec-jobs.com

Associate Analyst - Managed Security Services

@ Millennium IT ESP | Klang, Selangor, Malaysia
View on infosec-jobs.com

Associate Analyst - Managed Security Services

@ Millennium IT ESP | Colombo, WP, Sri Lanka
View on infosec-jobs.com