EUVD-2022-48245

Malicious code in bioql PyPI...

CVE-2022-1094

The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-45348

Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4...

WordPress amr users Plugin <= 4.59.4 is vulnerable to CSV Injection

Software amr users Type Plugin Vulnerable versions = 4.59.4 Fixed in N/A OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-45348 Patch priority Low CVSS severity Low 5.8 Developer Claim ownership PSID af617aa8d2cb Credits Mika Required privilege Subscriber Published 22 March,...

PT-2022-13656 · WordPress · Amr Users

Name of the Vulnerable Software and Affected Versions: amr users WordPress plugin versions prior to 4.59.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not properly sanitised and...