WordPress Icegram Engage plugin < 3.1.32 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Icegram versions 3.1.32...

Linux Distros Unpatched Vulnerability : CVE-2017-1000480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...

CVE-2024-3201

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pplink' shortcode in all versions up to, and including, 3.1.32 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

CVE-2024-13482

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin Icegram Engage 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Icegram Engage 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Icegram Engage plugin < 3.1.32 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Icegram versions 3.1.32...

CVE-2024-12302 Icegram Engage < 3.1.32 - Author+ Stored XSS

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...

WordPress plugin Icegram Engage 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress WP DSGVO Tools (GDPR) plugin <= 3.1.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin WP DSGVO Tools GDPR versions = 3.1.32...

PT-2024-24355 · WordPress · Wp Dsgvo Tools

Name of the Vulnerable Software and Affected Versions: WP DSGVO Tools GDPR plugin for WordPress versions up to, and including, 3.1.32 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'pp link' shortcode due to insufficient input sanitization and output escaping on...

WordPress Ditty Plugin <= 3.1.31 is vulnerable to Cross Site Scripting (XSS)

Software Ditty Type Plugin Vulnerable versions = 3.1.31 Fixed in 3.1.32 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-32569 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 099376941676 Credits CatFather Required privilege...

GitPython 路径遍历漏洞

GitPython is a Python library open-sourced by gitpython-developers for interacting with Git repositories. A path traversal vulnerability exists in GitPython 3.1.32 and earlier versions, which stems from the fact that in order to resolve some git references, GitPython reads the file .git from a...

GitPython 代码问题漏洞

GitPython is a Python library for interacting with Git repositories open-sourced by gitpython-developers. A code issue vulnerability exists in GitPython 3.1.32 and earlier versions, which stems from the fact that an attacker can trick a user into downloading a repository with a malicious git...

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

GitPython Security Vulnerabilities

GitPython is a Python library for interacting with Git repositories open-sourced by gitpython-developers. A security vulnerability exists in GitPython versions prior to 3.1.32 that stems from not blocking the unsafe non-multi option in clone and clonefrom...

PT-2023-4724

Name of the Vulnerable Software and Affected Versions GitPython versions prior to 3.1.32 Description The issue is related to errors in processing input data in the GitPython library, which can allow a remote attacker to execute arbitrary code by injecting a specially crafted URL into the clone...

Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 3.1.32-alt1

3.1.32-alt1 built March 18, 2023 Vitaly Lipatov in task 316692 March 12, 2023 Vitaly Lipatov - .NET Core 3.1.32 - CVE-2022-41089: .NET Remote Code Execution Vulnerability - CVE-2022-41032: .NET Elevation of Privilege Vulnerability - CVE-2022-34716: .NET Information Disclosure Vulnerability...