6 matches found
EUVD-2024-21000
Malicious code in bioql PyPI...
CVE-2024-23505
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DearHive PDF Viewer & 3D PDF Flipbook – DearPDF allows Stored XSS.This issue affects PDF Viewer & 3D PDF Flipbook – DearPDF: from n/a through 2.0.38...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DearHive PDF Viewer & 3D PDF Flipbook – DearPDF allows Stored XSS.This issue affects PDF Viewer & 3D PDF Flipbook – DearPDF: from n/a through 2.0.38...
CVE-2024-23505
CVE-2024-23505 affects WordPress plugin PDF Viewer & 3D PDF Flipbook – DearPDF (DearPDF Lite) up to version 2.0.38. The issue is a Stored XSS caused by Improper Neutralization of Input During Web Page Generation. Public exploit details are not provided in the documents; exploitation status is unk...
PDF Viewer & 3D PDF Flipbook – DearPDF <= 2.0.38 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The PDF Viewer & 3D PDF Flipbook – DearPDF plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.38 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
WordPress PDF Viewer & 3D PDF Flipbook – DearPDF Plugin <= 2.0.38 is vulnerable to Cross Site Scripting (XSS)
Software PDF Viewer & 3D PDF Flipbook – DearPDF Type Plugin Vulnerable versions = 2.0.38 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-23505 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d503ba2d3347 Credits Ngô Thiên An...