Vulnerability Summary for the Week of April 22, 2024

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
abdul_hakeem — build_app_online	Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.	2024-04-25	9.8	CVE-2023-51478 audit@patchstack.com
algolplus — advanced_order_export_for_woocommerce	Improper Control of Generation of Code (‘Code Injection’) vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4.	2024-04-25	9.1	CVE-2024-31266 audit@patchstack.com
andondesign — udesi […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of April 22, 2024 Related Tags: Bulletins EN Post navigation ← Ford’s hands-free driver system is under investigation after fatal crashes – what to know London Drugs closes all of its pharmacies following ‘cybersecurity incident’ → Search for: IT Security News (EN) Join the Movement for Public Broadband in PDX October 4, 2024 Contact center fraud: How to detect and prevent it October 4, 2024 Crypto Wallet App on Google Play Steals $70,000 from Mobile Users October 4, 2024 DoJ, Microsoft Seize 100 Russian Phishing Sites Targeting US October 4, 2024 Summer 2024 SOC 1 report now available in Japanese, Korean, and Spanish October 4, 2024 Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns October 4, 2024 Mark Zuckerberg Overtakes Bezos To Become Second-Richest Man October 4, 2024 Cybersecurity professionals are turning to AI as more lose control of detection tools October 4, 2024 How to conduct firewall testing and analyze test results October 4, 2024 8 Tips to protect your devices from malware attacks October 4, 2024 Biggest Ever DDoS is Threat to OT Critical Infrastructure October 4, 2024 Fileless malware eating computing power of Linux Servers October 4, 2024 Enhanced API Security: Fine-Grained Access Control Using OPA and Kong Gateway October 4, 2024 GPT-4o: OpenAI’s shield against $40B deepfake threat to enterprises October 4, 2024 New CUPS Vulnerability Can Amplify DDoS Attacks: Patch Now! October 4, 2024 Fake Trading Apps for Android, iOS Lead to Pig Butchering Scam October 4, 2024 Windows 11’s Recall feature is Now Ready For Release, Microsoft Claims October 4, 2024 Necro Trojan Uses Steganography to Attack 11 Million Devices October 4, 2024 Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN October 4, 2024 How Cloud-Based Solutions Are Transforming Software Quality Assurance October 4, 2024 IT Sicherheitsnews (DE) 5G-Ausbau: Zwei Bundesländer hinken besonders hinterher October 4, 2024 IT Sicherheitsnews taegliche Zusammenfassung 2024-10-04 October 4, 2024 Warum Sam Altman oder Ursula von der Leyen Handschuhe mit sechs Fingern zugeschickt wurden October 4, 2024 Entwickler kehrt der Cloud den Rücken – und spart richtig Geld dabei October 4, 2024 KI-Agent macht sich zum Systemadministrator und sabotiert Boot-Einstellungen October 4, 2024 Whatsapp-Status: Jetzt neu mit Likes und privaten Erwähnungen October 4, 2024 Windows 11 und Copilot: Diese neuen Features erwarten uns October 4, 2024 EuGH-Urteil: Polizeilicher Zugriff auf Handydaten unter Auflagen erlaubt October 4, 2024 En Ovend met Leena Simon un padeluun in Kölle October 4, 2024 Exploits beobachtet: CISA warnt Nutzer von Ivanti- und Zimbra-Software October 4, 2024 Daily Summary Enter your email address: GDPR compliance Categories Categories Meta Log in Entries feed Comments feed WordPress.org Copyright © 2024 IT Security News International (DE, EN). All Rights Reserved. The Magazine Basic Theme by bavotasan.com.

Primary
Vendor — Product

Description

Published

CVSS Score

Source & Patch Info

abdul_hakeem — build_app_online

Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.

2024-04-25

9.8

CVE-2023-51478
audit@patchstack.com

algolplus — advanced_order_export_for_woocommerce

Improper Control of Generation of Code (‘Code Injection’) vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4.

2024-04-25

9.1

CVE-2024-31266
audit@patchstack.com

andondesign — udesi

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins