EUVD-2024-37592

Malicious code in bioql PyPI...

EUVD-2024-37591

Malicious code in bioql PyPI...

CVE-2024-38744

Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0...

CVE-2024-38744

Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0...

CVE-2024-38744

CVE-2024-38744 (Plum: Spin Wheel & Email Pop-up) is tied to Upqode Plum plugin versions n/a through 2.0, with a Missing Authorization vulnerability that enables access to constrained functionality and stores XSS. Public sources indicate unauthenticated access to restricted features and stored XSS...

CVE-2024-38743

CVE-2024-38743 is a WordPress plugin vulnerability in Plum: Spin Wheel & Email Pop-up (Upqode) affecting versions through 2.0. The connected sources describe a Broken Access Control issue (unauthorized access) in Plum: Spin Wheel & Email Pop-up

CVE-2024-38743 WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control vulnerability

Access Control vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows . This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0...

CVE-2024-38744 WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control to Unauth Stored XSS vulnerability

Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0...

CVE-2024-38744 WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control to Unauth Stored XSS vulnerability

Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0...

PT-2024-28188 · Upqode · Upqode Plum: Spin Wheel & Email Pop-Up

Name of the Vulnerable Software and Affected Versions: Upqode Plum: Spin Wheel & Email Pop-up versions n/a through 2.0 Description: The issue affects the Upqode Plum: Spin Wheel & Email Pop-up plugin, allowing access to functionality not properly constrained by ACLs, and stored XSS...

PT-2024-28187 · Upqode · Upqode Plum: Spin Wheel & Email Pop-Up

Name of the Vulnerable Software and Affected Versions: Upqode Plum: Spin Wheel & Email Pop-up versions n/a through 2.0 Description: The issue is related to an Access Control vulnerability. It affects the functionality of the software, potentially allowing unauthorized access. Recommendations: For...

WordPress plugin Plum: Spin Wheel & Email Pop-up 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plug-in. A security vulnerability exists in WordPress...

WordPress plugin Plum: Spin Wheel & Email Pop-up 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plug-in. A security vulnerability exists in WordPress...

WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control to Unauth Stored XSS vulnerability

Broken Access Control to Unauth Stored XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Plum: Spin Wheel & Email Pop-up versions = 2.0...

WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Plum: Spin Wheel & Email Pop-up versions = 2.0...

WordPress Plum: Spin Wheel & Email Pop-up Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software Plum: Spin Wheel & Email Pop-up Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A1: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38744 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 688ef82694b8 Credits Ananda Dhakal Patchstack...