106 matches found
MAL-2025-2301 Malicious code in code-snippet-editor-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a18fa3d11188e4b7891ebae39b972feeef16bdfe9a92659b7efc450374065e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-11816
The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Remote Code Execution in version 3.0.11. This is due to a missing capability check on the 'wpexthandlesnippetupdate' function. This makes it possible for authenticated attackers, with Subscriber-level access and...
CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting
According to its self-reported version number, the CKEditor application running on the remote host is prior to 4.25.0-LTS or 4.22.x prior to 4.25.0-LTS. It is, therefore, affected by multiples Cross-Site-Scripting : - In CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected...
CKEditor 4.x < 4.25.0 Multiple Vulnerabilities - Windows
CKEditor 4 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ckeditor:ckeditor"; ifdescriptio...
Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
Affected packages The vulnerability has been discovered in Code Snippet GeSHi plugin. All integrators that use GeSHi syntax highlighter on the backend side can be affected. Impact A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a...
DEBIAN-CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
UBUNTU-CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
PT-2024-30564 · Geshi +3 · Geshi +3
Name of the Vulnerable Software and Affected Versions: CKEditor4 versions prior to 4.25.0-lts Description: A potential vulnerability has been discovered in the CKEditor 4 Code Snippet GeSHi plugin, allowing a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library. The...
Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
Affected packages The vulnerability has been discovered in Code Snippet GeSHi plugin. All integrators that use GeSHi syntax highlighter on the backend side can be affected. Impact A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a...
CVE-2024-43275
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Collision with another CVE...
CVE-2024-43275
...
CVE-2024-43275
The CVE-2024-43275 entry maps to a CSRF vulnerability in the WordPress plugin “Insert PHP Code Snippet” (versions
CVE-2024-43275
...
WordPress Insert PHP Code Snippet plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Insert PHP Code Snippet versions = 1.3.6...
WordPress plugin Insert PHP Code Snippet 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Insert PHP Code Snippet 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2021-47585
CVE-2021-47585 concerns a memory leak in the Linux kernel's btrfs __add_inode_ref path. The issue arises from allocating victim_name with kmalloc at two points (lines 1104 and 1169) and returning from the function without freeing the previously allocated memory when backref_in_log() returns an er...