Security Vulnerabilities - CVEs Published In August 2022
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in 8 Degree Themes otification Bar for WordPress plugin <= 1.1.8 at WordPress.
CVSS Score
6.1
EPSS Score
0.005
Published
2022-08-23
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.
CVSS Score
6.4
EPSS Score
0.001
Published
2022-08-23
Authenticated (subscriber+) Denial Of Service (DoS) vulnerability in WordPlus WordPress Better Messages plugin <= 1.9.10.57 at WordPress.
CVSS Score
7.7
EPSS Score
0.003
Published
2022-08-23
Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-08-23
Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-08-23
Authenticated Arbitrary Settings Update vulnerability in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-08-23
Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress.
CVSS Score
4.9
EPSS Score
0.005
Published
2022-08-23
Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-08-23
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-08-23
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-23