5 matches found
EUVD-2023-27981
Malicious code in bioql PyPI...
CVE-2023-23898
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in CreativeThemes Blocksy Companion plugin = 1.8.67 versions...
CVE-2024-35633 WordPress Blocksy Companion plugin <= 2.0.42 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Creative Themes Blocksy Companion blocksy-companion.This issue affects Blocksy Companion: from n/a through = 2.0.42...
CVE-2024-31932
Cross-Site Request Forgery CSRF vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.28...
CVE-2023-23898
CVE-2023-23898 is a stored XSS in the CreativeThemes Blocksy Companion WordPress plugin up to version 1.8.67. The root cause is improper escaping/validation of the class attribute in the blocksy_posts shortcode output, exploitable by users with Contributor+ permissions. Impact is stored XSS; CVSS...