244 matches found
CVE-2023-36384
Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...
CVE-2023-36384
Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...
CVE-2023-36384
CVE-2023-36384 affects the Booking Calendar Contact Form WordPress plugin, vulnerable in versions
Booking Calendar Contact Form < 1.2.41 - Unauthenticated Reflected Cross-Site Scripting
Description Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...
CVE-2023-23971
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in CodePeople WP Time Slots Booking Form plugin = 1.1.81 versions...
CVE-2023-23971
Summary: CVE-2023-23971 affects the CodePeople WP Time Slots Booking Form WordPress plugin (versions ≤ 1.1.81). The root cause is an authenticated stored XSS due to insufficient sanitization/escaping in plugin settings, enabling an admin+ user to inject scripts that could be executed by other use...
PT-2023-19326 · Codepeople · Codepeople Wp Time Slots Booking Form
Name of the Vulnerable Software and Affected Versions: CodePeople WP Time Slots Booking Form plugin versions = 1.1.81 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin or higher privileges can inject malicio...
CVE-2014-125091
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...
Sql injection
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...
CVE-2014-125091 codepeople cp-polls Plugin cp-admin-int-message-list.inc.php sql injection
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...
CVE-2014-125091 codepeople cp-polls Plugin cp-admin-int-message-list.inc.php sql injection
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...
CVE-2014-125091
The CVE-2014-125091 entry concerns the codepeople cp-polls Plugin for WordPress (version 1.0.1). The vulnerability exists in the file cp-admin-int-message-list.inc.php and is triggered by manipulating the lu parameter to induce SQL injection. It is exploitable remotely, with upgrading to version ...
PT-2023-10159 · Codepeople · Codepeople Cp-Polls Plugin
Name of the Vulnerable Software and Affected Versions: codepeople cp-polls Plugin version 1.0.1 Description: A critical issue has been found in the codepeople cp-polls Plugin, affecting unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the lu argument leads to sql...
PT-2022-14050
Name of the Vulnerable Software and Affected Versions CP Image Store with Slideshow WordPress plugin versions prior to 1.0.68 Description The issue allows unauthenticated users to perform an SQL injection attack due to the lack of sanitization and escaping of the ordering by query parameter in SQ...
WordPress CodePeople Payment Form for PayPal Pro SQL Injection Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress CodePeople Payment Form for PayPal Pro suffers from a SQL injection vulnerability that can be...
CVE-2020-14092
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...
CVE-2020-14092
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...
Sql injection
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...
CVE-2020-14092
Summary: CVE-2020-14092 affects the WordPress plugin “CodePeople Payment Form for PayPal Pro” up to version 1.1.65. The vulnerability is an SQL injection via the vulnerable plugin’s query parameter, allowing unauthenticated attackers to execute arbitrary SQL and have results output in JSON. The C...