13 matches found
CVE-2023-25474
Cross-Site Request Forgery CSRF vulnerability in Csaba Kissi About Me 3000 widget plugin = 2.2.6 versions...
EUVD-2023-29429
Malicious code in bioql PyPI...
Cross site scripting
The About Me 3000 widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...
CVE-2023-3369
CVE-2023-3369 refers to the About Me 3000 widget for WordPress. A Stored Cross-Site Scripting (XSS) flaw exists in admin settings for versions up to and including 2.2.6 due to insufficient input sanitization and output escaping. Impact is limited to authenticated attackers with administrator-leve...
WordPress Plugin About Me 3000 widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-24448 · WordPress · About Me 3000
Name of the Vulnerable Software and Affected Versions: About Me 3000 widget plugin for WordPress versions up to, and including, 2.2.6 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows...
WordPress About Me 3000 widget Plugin <= 2.2.6 is vulnerable to Cross Site Scripting (XSS)
Software About Me 3000 widget Type Plugin Vulnerable versions = 2.2.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3369 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 0d4783abf205 Credits Marco Wotschka Requir...
CVE-2023-25474
Cross-Site Request Forgery CSRF vulnerability in Csaba Kissi About Me 3000 widget plugin = 2.2.6 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Csaba Kissi About Me 3000 widget plugin = 2.2.6 versions...
CVE-2023-25474 WordPress About Me 3000 widget Plugin <= 2.2.6 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Csaba Kissi About Me 3000 widget plugin = 2.2.6 versions...
CVE-2023-25474
CVE-2023-25474: CSRF vulnerability in the About Me 3000 widget for WordPress (Csaba Kissi) affecting versions 2.2.6 if available; PT-Security explicitly recommends CSRF token validation and restricting access to sensitive actions. Patch status is not consistently defined across documents; monito...
WordPress plugin About Me 3000 widget 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress About Me 3000 widget Plugin <= 2.2.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software About Me 3000 widget Type Plugin Vulnerable versions = 2.2.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25474 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b613e5b81843 Credits Mika Required...