36 matches found
EUVD-2024-47001
Malicious code in bioql PyPI...
EUVD-2024-30483
Malicious code in bioql PyPI...
CVE-2024-32696
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6...
CVE-2024-5858
The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2024-12415
The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible...
CVE-2022-0747
The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the postid parameter before using it in a SQL statement via the qcldupvoteaction AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL Injection...
CVE-2024-12415 AI Infographic Maker <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution
The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible...
CVE-2024-12415 AI Infographic Maker <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution
The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible...
CVE-2024-12415
CVE-2024-12415 : The WordPress AI Infographic Maker plugin is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to and including 4.9.0. The flaw arises from executing a value via do_shortcode without proper validation, enabling attackers to run arbitrary shortcodes. A...
WordPress plugin The AI Infographic Maker 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code injection vulnerabilit...
WordPress AI Infographic Maker plugin <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Infographic Maker – iList versions = 4.9.0...
CVE-2024-5858
CVE-2024-5858 affects the AI Infographic Maker (Infographic Maker – iList) WordPress plugin. The vulnerability arises from a missing capability check on the qcld_openai_title_generate_desc AJAX action, allowing authenticated attackers with Subscriber+ access to modify arbitrary post titles in all...
CVE-2024-5858 Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update
The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2024-5858 Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update
The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with Subscriber-level...
WordPress plugin AI Infographic Maker security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Infographic Maker iList plugin <= 4.7.4 - Authenticated Arbitrary Title Update vulnerability
Authenticated Arbitrary Title Update vulnerability discovered by Lucio Sá in WordPress Plugin Infographic Maker – iList versions = 4.7.4...
Infographic Maker iList < 4.7.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update
Description The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with...
WordPress Infographic Maker – iList Plugin <= 4.7.4 is vulnerable to Broken Access Control
Software Infographic Maker – iList Type Plugin Vulnerable versions = 4.7.4 Fixed in 4.7.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5858 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6989eeefac46 Credits Lucio Sá Required...
CVE-2024-32696
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6...
CVE-2024-32696 WordPress AI Infographic Maker OpenAI plugin <= 4.6.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6...