7 matches found
EUVD-2024-47584
Malicious code in bioql PyPI...
CVE-2024-3026
The WordPress Button Plugin MaxButtons WordPress plugin before 9.7.8 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks...
WordPress WordPress Button Plugin MaxButtons plugin <= 9.7.8 - Full Path Disclosure vulnerability
Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin MaxButtons versions <= 9.7.8...
WordPress MaxButtons Plugin <= 9.7.8 is vulnerable to Sensitive Data Exposure
Software: MaxButtons; Type: Plugin; Vulnerable versions: <= 9.7.8; Fixed in: 9.8.0; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2024-6499; Patch priority: Low; CVSS severity: Low 5.3; Developer: Claim ownership; PSID: c468e4e161ae; Credits: stealthcopter; Required privileg...
WordPress plugin WordPress Button Plugin MaxButtons security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress MaxButtons Plugin < 9.7.8 is vulnerable to Cross Site Scripting (XSS)
Software: MaxButtons; Type: Plugin; Vulnerable versions: < 9.7.8; Fixed in: 9.7.8; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-3026; Patch priority: Low; CVSS severity: Low 5.9; Developer: Claim ownership; PSID: e5d877c29aee; Credits: Dmitrii Ignatyev; Required...
CVE-2023-4889
CVE-2023-4889 (Shareaholic for WordPress) is a stored cross-site scripting vulnerability in the Shareaholic plugin for WordPress, exploitable via the shortcodes attribute handling. The description from CVE sources indicates the issue arises from insufficient input sanitization and output escaping...