6 matches found
EUVD-2023-23836
Malicious code in bioql PyPI...
CVE-2023-1602
creationtimestamp| type| source ---|---|--- 2024-08-17 10:37:23+00:00| seen| https://t.me/cvedetector/3382...
CVE-2023-1604
The CVE-2023-1604 entry concerns the WordPress Short URL plugin (versions up to 1.6.8). The underlying issue is missing or incorrect nonce validation in the configuration_page function, which leads to a Cross-Site Request Forgery. As a result, unauthenticated attackers can trick a site administra...
CVE-2023-1602
The Short URL plugin for WordPress is vulnerable to stored Cross-Site Scripting via the 'comment' parameter due to insufficient input sanitization and output escaping in versions up to, and including, 1.6.4. This makes it possible for authenticated attackers, with administrator-level permissions...
CVE-2023-1602
The Short URL plugin for WordPress is vulnerable to stored Cross-Site Scripting via the 'comment' parameter due to insufficient input sanitization and output escaping in versions up to, and including, 1.6.4. This makes it possible for authenticated attackers, with administrator-level permissions...
WordPress Short URL Plugin <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Short URL Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1602 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 52582bfc5da0 Credits Etan Imanol Castro Aldrete...