12 matches found
EUVD-2024-35457
Malicious code in bioql PyPI...
EUVD-2023-27890
Malicious code in bioql PyPI...
CVE-2024-35699
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2023-23804
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
CVE-2024-35699
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699 WordPress HT Feed plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699
CVE-2024-35699 is a Stored XSS flaw in HT Feed (HasThemes) affecting HT Feed versions up to 1.2.8. The issue arises from improper input neutralization during web page generation, enabling authenticated users to inject scripts. Red Hat/ENISA Wordfence context confirms the vulnerability and notes a...
CVE-2023-23804
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
CVE-2023-23804
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
CVE-2023-23804
CVE-2023-23804 affects the HasThemes HT Feed WordPress plugin up to version 1.2.7. It is a CSRF vulnerability (unauthenticated) with a remediation that patches are available in version 1.2.8. PatchStack notes the issue as low severity/low exploit likelihood and recommends updating to 1.2.8 to fix...
PT-2023-19219 · Hasthemes · Ht Feed
Name of the Vulnerable Software and Affected Versions: HasThemes HT Feed plugin versions 1.2.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a we...