20 matches found
EUVD-2024-51071
Malicious code in bioql PyPI...
EUVD-2024-51078
Malicious code in bioql PyPI...
CVE-2024-12731
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12717
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress Aklamator INfeed plugin <= 2.0.0 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Aklamator INfeed versions = 2.0.0...
WordPress Aklamator INfeed plugin <= 2.0.0 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Aklamator INfeed versions = 2.0.0...
CVE-2024-12731
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12717
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12717
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12731
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12731 aklamator-infeed <= 2.0.0 - Reflected XSS
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12731
CVE-2024-12731 describes a Reflected XSS in the Aklamator INfeed WordPress plugin up to version 2.0.0. The flaw arises from insufficient sanitisation/escaping of a parameter before it is echoed back on the page, enabling an attacker to craft a payload that could affect high-privilege users (e.g.,...
CVE-2024-12731 aklamator-infeed <= 2.0.0 - Reflected XSS
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12717
CVE-2024-12717 affects the Aklamator INfeed WordPress plugin (≤2.0.0); insufficient sanitization/escaping of settings can let high-privilege users (e.g., Admin) perform Stored XSS even when unfiltered_html is disallowed (e.g., multisite). Public remediation/fix details are not provided in the sup...
CVE-2024-12717 aklamator-infeed <= 2.0.0 - Admin+ Stored XSS
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12717 aklamator-infeed <= 2.0.0 - Admin+ Stored XSS
The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2025-1938 · WordPress · Aklamator Infeed
Name of the Vulnerable Software and Affected Versions: Aklamator INfeed WordPress plugin versions through 2.0.0 Description: The issue concerns the Aklamator INfeed WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high privilege users, such as...
PT-2025-1940 · WordPress · Aklamator Infeed
Name of the Vulnerable Software and Affected Versions: Aklamator INfeed WordPress plugin versions through 2.0.0 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This coul...
WordPress plugin Aklamator INfeed 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Aklamator INfeed 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...