15 matches found
CVE-2023-49160
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.6...
EUVD-2023-53165
Malicious code in bioql PyPI...
EUVD-2024-19871
Malicious code in bioql PyPI...
CVE-2024-22310
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.7...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.7...
CVE-2024-22310
CVE-2024-22310 affects Formzu WP (WordPress plugin) up to version 1.6.7 and is caused by improper neutralization of input during web page generation, enabling Stored XSS. The vulnerability targets the plugin’s handling of user-supplied input in the WordPress pages, leading to cross-site scripting...
CVE-2024-22310 WordPress Formzu WP Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.7...
WordPress plugin Formzu WP Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2024-19333 · Formzu Wp · Formzu Wp
Name of the Vulnerable Software and Affected Versions: Formzu WP versions 1.6.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in Formzu WP. Recommendations: For versions...
Formzu WP < 1.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Formzu WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Formzu WP Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)
Software Formzu WP Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22310 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e73af945ea06 Credits Ngô Thiên An ancorn from VNPT-VCI Required...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.6...
CVE-2023-49160 WordPress Formzu WP Plugin <= 1.6.6 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.6...
CVE-2023-49160
CVE-2023-49160 is a stored XSS vulnerability in the WordPress Formzu WP plugin (Formzu WP) affecting versions 1.6.6 and earlier. The issue stems from improper neutralization of input during web page generation, enabling stored cross-site scripting. Red Hat and Patchstack corroborate the vulnerabi...
WordPress Formzu WP Plugin <= 1.6.6 is vulnerable to Cross Site Scripting (XSS)
Software Formzu WP Type Plugin Vulnerable versions = 1.6.6 Fixed in 1.6.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49160 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b816d29117f3 Credits resecured.io Required privilege Contributor...