Security Vulnerabilities - CVEs Published In December 2023
The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory, allowing an administrator to set a root outside of the WordPress root directory, giving access to system files and directories even in a multisite setup, where site administrators should not be allowed to modify the sites files.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-12-11
The WP Not Login Hide (WPNLH) WordPress plugin through 1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVSS Score
4.8
EPSS Score
0.001
Published
2023-12-11
The Contact Form Email WordPress plugin before 1.3.44 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVSS Score
4.8
EPSS Score
0.001
Published
2023-12-11
The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize and escape "data" parameter before using it in an SQL statement via an AJAX action, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-12-11
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a server-side request forgery vulnerability in `file.py`. This can lead to limited information disclosure. Users should use MindsDB's `staging` branch or v23.11.4.1, which contain a fix for the issue.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-12-11
A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-12-11
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of Tuleap Community Edition and prior to versions 15.2-4 and 15.1-8 of Tuleap Enterprise Edition, the name of the releases are not properly escaped on the edition page of a release. A malicious user with the ability to create a FRS release could force a victim having write permissions in the FRS to execute uncontrolled code. Tuleap Community Edition 15.2.99.103, Tuleap Enterprise Edition 15.2-4, and Tuleap Enterprise Edition 15.1-8 contain a fix for this issue.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-12-11
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.
CVSS Score
7.6
EPSS Score
0.053
Published
2023-12-11
A vulnerability has been discovered on OJS, that consists in a CSRF (Cross-Site Request Forgery) attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-12-11
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-11