OX Appsuite - Cross-Site Scripting

OX App Suite through 7.10.4 allows XSS via the app loading mechanism the PATHINFO to the /appsuite URI. id: CVE-2020-24701 info: name: OX Appsuite - Cross-Site Scripting author: DhiyaneshDk severity: medium description: | OX App Suite through 7.10.4 allows XSS via the app loading mechanism the...

CVE-2021-24701

The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2025-24701

creationtimestamp| type| source ---|---|--- 2025-01-24 21:32:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113885467530063505...

CVE-2025-24701

Server-Side Request Forgery SSRF vulnerability in Bob Chained Quiz chained-quiz allows Server Side Request Forgery.This issue affects Chained Quiz: from n/a through = 1.3.2.9...

CVE-2025-24701 WordPress Chained Quiz Plugin <= 1.3.2.9 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Bob Chained Quiz chained-quiz allows Server Side Request Forgery.This issue affects Chained Quiz: from n/a through = 1.3.2.9...

CVE-2024-24701

creationtimestamp| type| source ---|---|--- 2024-02-29 03:03:10+00:00| seen| https://t.me/ctinow/196136...

CVE-2024-24701

CVE-2024-24701 is a CSRF vulnerability in Setka Editor (WordPress plugin: setka-editor)

CVE-2024-24701 WordPress Setka Editor Plugin <= 2.1.20 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Native Grid LLC A no-code page builder for beautiful performance-based content.This issue affects A no-code page builder for beautiful performance-based content: from n/a through 2.1.20...

WordPress Setka Editor Plugin <= 2.1.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software Setka Editor Type Plugin Vulnerable versions = 2.1.20 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24701 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1ca29da0e919 Credits emad Required privilege...

CVE-2022-24701

An issue was discovered in WinAPRS 2.9.0. A buffer overflow in national.txt processing allows a local attacker to cause a denial of service or possibly achieve code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2021-24701

The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2021-24701

CVE-2021-24701 affects the WordPress plugin Quiz Tool Lite (versions

CVE-2020-24701

CVE-2020-24701 affects OX App Suite up to version 7.10.4. The issue is a Cross-Site Scripting (XSS) via the app loading mechanism, exploiting PATH_INFO to the /appsuite URI. This allows injection of JavaScript by an attacker, with potential impact including theft of session cookies and actions on...

CVE-2020-24701

OX App Suite through 7.10.4 allows XSS via the app loading mechanism the PATHINFO to the /appsuite URI...

Command execution vulnerability exists in DSMall (CNVD-2020-24701)

DSMall is a comprehensive mall platform system. DSMall suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...