22 matches found
EUVD-2023-12552
Malicious code in bioql PyPI...
EUVD-2024-45474
Malicious code in bioql PyPI...
CVE-2024-51673
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS. This issue affects HT Politic: from n/a through <= 2.4.4...
CVE-2023-0504
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2024-51673
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Politic allows DOM-Based XSS. This issue affects HT Politic: from n/a through 2.4.4...
CVE-2024-51673
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS. This issue affects HT Politic: from n/a through <= 2.4.4...
CVE-2024-51673 WordPress HT Politic plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS. This issue affects HT Politic: from n/a through <= 2.4.4...
CVE-2024-51673 WordPress HT Politic plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS. This issue affects HT Politic: from n/a through <= 2.4.4...
CVE-2024-51673
CVE-2024-51673: WordPress HT Politic plugin suffers DOM-based XSS due to improper input neutralization during page generation in versions up to 2.4.4 (affects HT Politic: from n/a through 2.4.4). The vulnerability can enable script injection by manipulating input processed during page rendering. ...
WordPress plugin HT Politic cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-34818
Name of the Vulnerable Software and Affected Versions: HasThemes HT Politic versions n/a through 2.4.4. Description: The issue is related to improper neutralization of input during web page generation, allowing DOM-Based XSS. This is a type of Cross-site Scripting vulnerability. Recommendations: For...
WordPress HT Politic plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Khalid Yusuf Patchstack Alliance in WordPress Plugin HT Politic versions <= 2.4.4...
WordPress HT Politic Plugin <= 2.4.4 is vulnerable to Cross Site Scripting (XSS)
Software: HT Politic; Type: Plugin; Vulnerable versions: <= 2.4.4; Fixed in: 2.4.5; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-51673; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: 39e8e481cad3; Credits: Khalid Yusuf; Required privilege: Contributor...
WordPress HT Politic Plugin < 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software: HT Politic; Type: Plugin; Vulnerable versions: < 2.3.8; Fixed in: 2.3.8; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-0504; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: 55ae20212639; Credits: Lana Codes; Required privile...
CVE-2023-0504
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0504
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
Cross site request forgery (CSRF)
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0504 HT Politic < 2.3.8 - Arbitrary Plugin Activation via CSRF
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0504 HT Politic < 2.3.8 - Arbitrary Plugin Activation via CSRF
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0504
CVE-2023-0504 – HT Politic WordPress plugin prior to 2.3.8 suffers a CSRF flaw during plugin activation, allowing a CSRF attacker to cause logged-in admins to activate arbitrary plugins. This requires an authenticated admin user and CSRF interaction. Impact: arbitrary plugin activation within th...