36 matches found
EUVD-2021-11488
Malware in sbrugna...
EUVD-2024-45592
Malicious code in bioql PyPI...
EUVD-2022-51831
Malicious code in bioql PyPI...
CVE-2024-1363
The Easy Accordion – Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordioncontentsource' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-51660
Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Accordion Gutenberg Block: from n/a through = 1.2.3...
CVE-2022-4487
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privile...
CVE-2021-24576
The Easy Accordion WordPress plugin before 2.0.22 does not properly sanitize inputs when adding new items to an accordion...
CVE-2024-51660
Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Accordion Gutenberg Block: from n/a through = 1.2.3...
CVE-2024-51660
CVE-2024-51660 concerns the WordPress plugin Easy Accordion Gutenberg Block (Zakaria Binsaifullah) with a Missing Authorization vulnerability reported for versions up to 1.2.3. The CVE entry states Broken Access Control / Missing Authorization allowing exploitation due to incorrectly configured a...
PT-2024-34805 · WordPress · Zakaria Binsaifullah Easy Accordion Gutenberg Block
Name of the Vulnerable Software and Affected Versions: Zakaria Binsaifullah Easy Accordion Gutenberg Block versions 1.2.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels...
WordPress plugin Easy Accordion Gutenberg Block 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Easy Accordion Gutenberg Block plugin <= 1.2.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Easy Accordion Gutenberg Block versions = 1.2.3...
WordPress Easy Accordion Plugin <= 2.3.4 is vulnerable to Cross Site Scripting (XSS)
Software Easy Accordion Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1363 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b3812cd4e073 Credits Ngô Thiên An ancorn...
CVE-2024-1363
The Easy Accordion – Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordioncontentsource' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible...
Cross site scripting
The Easy Accordion – Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordioncontentsource' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-1363
CVE-2024-1363 corresponds to the WordPress plugin Easy Accordion – Best Accordion FAQ Plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) due to insufficient input sanitization and output escaping in the accordion_content_source attribute. Affected versions are all up t...
CVE-2024-1363 Easy Accordion – Best Accordion FAQ Plugin for WordPress <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Easy Accordion – Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordioncontentsource' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible...
WordPress Plugin Easy Accordion Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2022-4487
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privile...
CVE-2022-4487
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privile...