16 matches found
EUVD-2024-35531
Malicious code in bioql PyPI...
EUVD-2023-49330
Malicious code in bioql PyPI...
CVE-2023-45008
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPJohnny Comment Reply Email plugin = 1.0.3 versions...
CVE-2024-35773
Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...
CVE-2024-35773
Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...
CVE-2024-35773
CVE-2024-35773 is a CSRF-to-stored XSS vulnerability in the WPJohnny zerOneIT Comment Reply Email WordPress plugin (Comment Reply Email) affecting version 1.3 and earlier. The issue enables cross-site scripting via the comment reply email flow. Public reports in multiple sources confirm the vulne...
CVE-2024-35773 WordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...
CVE-2024-35773 WordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...
PT-2024-26728 · Wpjohnny · Comment Reply Email
Name of the Vulnerable Software and Affected Versions: Comment Reply Email versions 1.3 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability and also allows Cross-Site Scripting XSS in WPJohnny, specifically in the zerOneIT Comment Reply Email...
WordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Masamichi Aoki Patchstack Alliance in WordPress Plugin Comment Reply Email versions = 1.3...
WordPress Comment Reply Email Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software Comment Reply Email Type Plugin Vulnerable versions = 1.3 Fixed in 1.5 OWASP Top 10 A1: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35773 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 8f46fb8fc4c8 Credits Masamichi Aoki Required privilege...
CVE-2023-45008
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPJohnny Comment Reply Email plugin = 1.0.3 versions...
CVE-2023-45008 WordPress Comment Reply Email Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPJohnny Comment Reply Email plugin = 1.0.3 versions...
CVE-2023-45008
CVE-2023-45008 affects the WPJohnny Comment Reply Email plugin for WordPress (versions ≤ 1.0.3). The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) flaw arising from insufficient input validation/escaping in the plugin, enabling an admin or higher-privileged user to ...
WordPress Plugin Comment Reply Email Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
WordPress Comment Reply Email Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Comment Reply Email Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45008 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fa87fe52845c Credits Yebin Lee Required privilege...