27 matches found
Dyn Business Panel Plugin <= 1.0.0 - Cross-Site Scripting
Dyn Business Panel WordPress plugin = 1.0.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter in output, letting attackers execute scripts in the context of high privilege users, exploit requires victim to click a malicious link. id: CVE-2024-130...
WordPress Dyn Business Panel plugin <= 1.0.0 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin Dyn Business Panel versions = 1.0.0...
EUVD-2024-51311
Malicious code in bioql PyPI...
EUVD-2024-51310
Malicious code in bioql PyPI...
EUVD-2024-51309
Malicious code in bioql PyPI...
CVE-2024-13055
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Dyn Business Panel plugin <= 1.0.0 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Dyn Business Panel versions = 1.0.0...
WordPress Dyn Business Panel plugin <= 1.0.0 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Dyn Business Panel versions = 1.0.0...
CVE-2024-13056
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13056
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13055
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13055
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13057 Dyn Business Panel <= 1.0.0 - Stored XSS via CSRF
The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13056 Dyn Business Panel <= 1.0.0 - Reflected XSS
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13056
CVE-2024-13056 applies to the Dyn Business Panel WordPress plugin (versions up to 1.0.0). The issue is a Reflected Cross‑Site Scripting caused by insufficient sanitisation/escaping of a parameter, which could be exploited against high-privilege users such as admins. The connected documents corrob...
CVE-2024-13057 Dyn Business Panel <= 1.0.0 - Stored XSS via CSRF
The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13056 Dyn Business Panel <= 1.0.0 - Reflected XSS
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13057
CVE-2024-13057 affects the Dyn Business Panel WordPress plugin (versions up to 1.0.0). The connected sources describe a missing CSRF check in some areas and lack of input sanitisation/escaping, enabling a logged-in admin to inject Stored XSS via a CSRF attack. The CVE notes this as a Stored Cross...
CVE-2024-13055 Dyn Business Panel <= 1.0.0 - Reflected XSS
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13055 Dyn Business Panel <= 1.0.0 - Reflected XSS
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...