API - CVE CyberSecurity Database News (Page 23)

Dec 9, 2024 API Exploit

CVE-2023-30870: Critical Missing Authorization Vulnerability in Wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate with Potential Exploits due to Incorrectly Configured Access Control Security Levels

A critical vulnerability, dubbed CVE-2023-30870, has been discovered in the Wooproductimporter Sharkdropship plugin for AliExpress Dropship and Affiliate. This vulnerability is caused by missing authorization

Dec 9, 2024 API Exploit

CVE-2023-47871: Missing Authorization Vulnerability in IT Path Solutions Contact Form to Any API Exposes Exploit Potential

A recent security issue - CVE-2023-47871 - has been identified within the IT Path Solutions Contact Form to Any API software that can lead to

Dec 7, 2024 XSS WordPress API Exploit PHP

CVE-2024-11380: Stored Cross-Site Scripting Vulnerability in Mini Program API Plugin for WordPress

As cyber-security continues to be a top priority, it is essential to stay informed about the latest vulnerabilities affecting popular technologies. This post will provide

Dec 5, 2024 API SQL

CVE-2024-54128 - Directus HTML Injection Vulnerability in Comment Feature, Patched in Versions 10.13.4 and 11.2.

Directus is a popular real-time API and App dashboard for managing SQL database content, with notable features such as an intuitive interface and powerful customization

Dec 5, 2024 API Exploit

CVE-2024-51545: Exploring Username Enumeration Vulnerabilities in ABB ASPECT, NEXUS and MATRIX Series Products

In recent times, we have seen a concerning increase in cyber attacks, highlighting a growing need to fortify security measures. One such vulnerability that demands