8 matches found
EUVD-2014-4643
Malware in sbrugna...
EUVD-2021-34234
Malicious code in bioql PyPI...
EUVD-2024-49427
Malicious code in bioql PyPI...
CVE-2024-8799
The Custom Banners plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...
CVE-2021-4407
The Custom Banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.2. This is due to missing or incorrect nonce validation on the saveCustomFields function. This makes it possible for unauthenticated attackers to save custom fields via a forge...
Cross site request forgery (csrf)
The Custom Banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.2. This is due to missing or incorrect nonce validation on the saveCustomFields function. This makes it possible for unauthenticated attackers to save custom fields via a forge...
CVE-2014-4724
The CVE-2014-4724 entry affects the WordPress plugin Custom Banners 1.2.2.2. The vulnerability is an XSS issue where an attacker can inject arbitrary script/HTML via the parameter custom_banners_registered_name sent to wp-admin/options.php. This could allow remote, unauthenticated or authentica...
WordPress Custom Banners Plugin <= 1.2.2.2 - XSS
Because of this vulnerability, attackers can inject arbitrary web script or HTML via the "custom_banners_registered_name" parameter to wp-admin/options.php. Solution: Update the plugin...