CVE-2024-34820

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

EUVD-2024-35085

Malicious code in bioql PyPI...

EUVD-2023-56205

Malicious code in bioql PyPI...

PT-2025-35736

Name of the Vulnerable Software and Affected Versions: IfSo Dynamic Content Personalization versions through 1.9.4 Description: The software contains a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks...

WordPress plugin If-So Dynamic Content Personalization cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2025-49875

CVE-2025-49875 is a Stored XSS in the WordPress plugin If-So Dynamic Content Personalization (versions up to 1.9.3.1). Public sources confirm impact as Cross Site Scripting via input handling in web page generation. The vulnerability affects the If-So Dynamic Content Personalization plugin; explo...

WordPress plugin If-So Dynamic Content Personalization cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-51492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...

CVE-2024-10796

CVE-2024-10796 (If-So Dynamic Content Personalization, WordPress) The WordPress plugin is vulnerable to information exposure on all versions up to 1.9.2.1 via the ifso-show-post shortcode due to insufficient post access restrictions. Authenticated attackers with Contributor level or higher could ...

WordPress If-So Dynamic Content Personalization Plugin <= 1.9.2.1 is vulnerable to Broken Access Control

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions = 1.9.2.1 Fixed in 1.9.2.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10796 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

WordPress if-so plugin < 1.8.0.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin If-So Dynamic Content Personalization versions 1.8.0.4...

WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6070 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aeca1edb610d Credits...

CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

PT-2024-37364 · WordPress · If-So Dynamic Content Personalization

Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization WordPress plugin versions prior to 1.8.0.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html...

CVE-2024-34820

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

CVE-2024-34820

CVE-2024-34820 : Missing Authorization vulnerability in the WordPress plugin If-So Dynamic Content Personalization (version range: n/a through 1.7.1). Multiple sources (e.g., Red Hat advisories, NVD/NVD detail) corroborate the same issue. The description specifies a broken/absent authorization co...

WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin If-So Dynamic Content Personalization versions = 1.7.1...

WordPress If-So Dynamic Content Personalization Plugin <= 1.7.1 is vulnerable to Broken Access Control

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34820 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e6c0da09a185 Credits...

CVE-2023-51492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...