7 matches found
WordPress Community by PeepSo plugin <= 6.4.6.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by rajanhoyr in WordPress Plugin Community by PeepSo versions = 6.4.6.2...
CVE-2024-9873
The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in posts, comments, and profiles when Markdown support is enabled in all versions up to, and including, 6.4.6.1 due to...
WordPress Community by PeepSo Plugin <= 6.4.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Community by PeepSo Type Plugin Vulnerable versions = 6.4.6.1 Fixed in 6.4.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9873 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 149b9a71dcfc Credits Bikram...
CVE-2024-7655
CVE-2024-7655 affects the WordPress plugin Community by PeepSo – Social Network, Membership, Registration, User Profiles, up to and including version 6.4.5.0. The issue is Stored Cross-Site Scripting caused by insufficient input sanitization and output escaping, exploitable by authenticated attac...
CVE-2023-7125 Community by PeepSo < 6.3.1.2 - User Post Creation via CSRF
The Community by PeepSo WordPress plugin before 6.3.1.2 does not have CSRF check when creating a user post visible on their wall in their profile page, which could allow attackers to make logged in users perform such action via a CSRF attack...
CVE-2024-0187 Community by PeepSo < 6.3.1.2 - Reflected XSS
The Community by PeepSo WordPress plugin before 6.3.1.2 does not sanitise and escape various parameters and generated URLs before outputting them back attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Community by PeepSo 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...