Missing Authorization vulnerability in ProFaceOff SSU.This issue affects SSU: from n/a through 1.5.0.

Missing Authorization vulnerability in Five Star Plugins Five Star Restaurant Reservations.This issue affects Five Star Restaurant Reservations: from n/a through 2.6.16.

Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5.

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to obtain credentials leading to unauthorized access with elevated privileges. This could lead to further attacks, thus Dell recommends customers to upgrade at the earliest opportunity.

Missing Authorization vulnerability in Real Big Plugins Client Dash.This issue affects Client Dash: from n/a through 2.2.1.

Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3.

Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate.This issue affects Solid Affiliate: from n/a through 1.9.1.

Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17.

Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail).This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.0.0.

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video Conferencing with Zoom.This issue affects Video Conferencing with Zoom: from n/a through 4.4.4.

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0.

Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through 12.4.

Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5.

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Fastline Media LLC Assistant – Every Day Productivity Apps.This issue affects Assistant – Every Day Productivity Apps: from n/a through 1.4.9.1.

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/Services_silentDump/Services_stopStartMTA/Config_saveDateTime/Config_hostid/Logs_StartGetStat/dumpConfiguration of the component SOAP Service. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-262312.

A vulnerability was found in MailCleaner up to 2023.03.14. It has been classified as critical. This affects an unknown part of the component Admin Endpoints. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-262311.

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-262310 is the identifier assigned to this vulnerability.

A vulnerability has been found in MailCleaner up to 2023.03.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Admin Endpoints. The manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-262309 was assigned to this vulnerability.

A vulnerability, which was classified as problematic, was found in MailCleaner up to 2023.03.14. Affected is an unknown function of the component Admin Interface. The manipulation as part of Mail Message leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-262308.