6 matches found
EUVD-2024-17499
Malicious code in bioql PyPI...
WordPress Customily Product Personalizer plugin <= 1.23.3 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Customily Product Personalizer versions = 1.23.3...
WordPress Customily Product Personalizer Plugin <= 1.23.3 is vulnerable to Cross Site Scripting (XSS)
Software Customily Product Personalizer Type Plugin Vulnerable versions = 1.23.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1774 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 736e090b7cc5 Credits...
CVE-2024-1774
CVE-2024-1774 affects the Customily Product Personalizer WordPress plugin. It is an unauthenticated Stored Cross-Site Scripting via user cookies in all versions up to 1.23.3 due to insufficient input sanitization and output escaping, enabling arbitrary scripts to run when users visit injected pag...
CVE-2024-1774 Customily Product Personalizer <= 1.23.3 - Unauthenticated Stored Cross-Site Scripting
The Customily Product Personalizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via user cookies in all versions up to, and including, 1.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
WordPress Plugin Customily Product Personalizer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...