63 matches found
EUVD-2015-9197
Malware in sbrugna...
EUVD-2024-43379
Malicious code in bioql PyPI...
CVE-2015-9357
The akismet plugin before 3.1.5 for WordPress has XSS...
CVE-2024-49316
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zodiac Akismet htaccess writer akismet-htaccess-writer allows Reflected XSS. This issue affects Akismet htaccess writer: from n/a through <= 1.0.1...
CVE-2024-49316
CVE-2024-49316 affects the WordPress Akismet htaccess writer plugin (versions
CVE-2024-49316 WordPress Akismet htaccess writer plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zodiac Akismet htaccess writer akismet-htaccess-writer allows Reflected XSS. This issue affects Akismet htaccess writer: from n/a through <= 1.0.1...
PT-2024-33456 · Unknown · Akismet Htaccess Writer
Name of the Vulnerable Software and Affected Versions: Akismet htaccess writer versions 1.0.1 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS attacks. Recommendation...
WordPress plugin Akismet htaccess writer cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Akismet htaccess writer plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Le Ngoc Anh (Patchstack Alliance) in WordPress Plugin Akismet htaccess writer versions <= 1.0.1...
WordPress Akismet htaccess writer Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software: Akismet htaccess writer; Type: Plugin; Vulnerable versions: <= 1.0.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-49316; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 909749f57b22; Credits: Le Ngoc Anh; Required...
CVE-2024-42613
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/adminwidgets.php?action=install&widget=akismet...
PT-2024-30066 · Pligg Cms · Pligg Cms
Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2. Description: A Cross-Site Request Forgery (CSRF) issue was found in Pligg CMS. The vulnerability can be exploited via the /admin/adminwidgets.php endpoint with specific parameters: action=install and widget=akismet. Thi...
Kliqqi CMS security vulnerability
Kliqqi CMS (Pligg CMS) is an open source content management system from Kliqqi. Kliqqi CMS v2.0.2 contains a cross-site request forgery vulnerability, which stems from /admin/adminwidgets.php?action=install&widget=akismet not adequately verifying that the request is from a trusted use...
Magazine Edge <= 1.13 - Subscriber+ Arbitrary Plugin Activation
The theme does not have authorisation and CSRF checks when activating plugins via an AJAX action, allowing any authenticated user, such as a subscriber, to activate arbitrary plugins. Run the below command in the developer console of the web browser while being on the blog as a subscriber user...
Automattic: Akismet API keys are exposed by authentication method
We have switched to sending the Akismet API key as part of the request body by default. At the time of this report, Akismet API keys formed part of the subdomain request to Akismet’s backend in the form api-key.rest.akismet.com. This means that the API key is transmitted over DNS - a protoco...
Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. document.getElementById("test").submit();...