PHP - CVE CyberSecurity Database News (Page 2)

Dec 13, 2024 WordPress API Exploit PHP

CVE-2023-39920: Missing Authorization Vulnerability in Themeisle Redirection for Contact Form 7 Could Result in Exploiting Incorrectly Configured Access Control Security Levels

A vulnerability has been discovered in the popular WordPress plugin, Themeisle Redirection for Contact Form 7, which allows an attacker to exploit misconfigured access control

Dec 12, 2024 Exploit PHP

CVE-2024-50339: Unauthenticated SessionID Retrieval in GLPI Prior to version 10..17

GLPI (Gestionnaire Libre de Parc Informatique) is a free and open-source asset and IT management software package widely used for inventory and issue-tracking. Unfortunately, versions

Dec 10, 2024 WordPress Exploit PHP

CVE-2024-11205: WPForms Plugin for WordPress - Unauthorized Data Modification Vulnerability

WPForms is a widely used plugin for creating and maintaining responsive forms on WordPress websites. Recently, a significant vulnerability was discovered in its implementation, which

Dec 10, 2024 Exploit PHP

CVE-2024-55636 - Deserialization of Untrusted Data Vulnerability in Drupal Core Leads to Object Injection and Potential Remote Code Execution

In this post, we will discuss an important and critical vulnerability (CVE-2024-55636) in several versions of Drupal Core that can lead to the deserialization of

Dec 9, 2024 WordPress Exploit PHP

CVE-2023-51360: Missing Authorization Vulnerability in WPDeveloper Essential Blocks for Gutenberg Leads to Incorrectly Configured Access Control Security Levels Exploitation

A missing authorization vulnerability has been discovered in the WPDeveloper Essential Blocks for Gutenberg, a popular WordPress plugin. This vulnerability, assigned as CVE-2023-51360, allows attackers