CVE-2023-47223

CVE-2023-47223 affects the WordPress plugin Basic Interactive World Map (WP Map Plugins) version ≤ 2.0. The vulnerability is a stored XSS due to inadequate escaping of input in the affected component, with an attacker (admin+ privileges) able to trigger it. The issue is classified with low to med...

Basic Interactive World Map < 2.7 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-46823

A vulnerability in Avirtum ImageLinks Interactive Image Builder imagelinks-interactive-image-builder-lite.This issue affects ImageLinks Interactive Image Builder: from n/a through = 1.5.4...

CVE-2023-46823

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4...

CVE-2023-46823 WordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4...

WordPress Plugin ImageLinks Interactive Image Builder for WordPress SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin ImageLinks Interactiv...

WordPress Basic Interactive World Map Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software Basic Interactive World Map Type Plugin Vulnerable versions = 2.0 Fixed in 2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47223 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 49944254b130 Credits DoYeon Park p6rkdoye0n Require...

TrafficWatch - TrafficWatch, A Packet Sniffer Tool, Allows You To Monitor And Analyze Network Traffic From PCAP Files

TrafficWatch, a packet sniffer tool, allows you to monitor and analyze network traffic from PCAP files. It provides insights into various network protocols and can help with network troubleshooting, security analysis, and more. Protocol-specific packet analysis for ARP, ICMP, TCP, UDP, DNS, DHCP,...

WordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL Injection

Software ImageLinks Interactive Image Builder Type Plugin Vulnerable versions = 1.5.4 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-46823 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID de9ca3aa968d Credits Muhammad Daffa Required...

Commander - A Command And Control (C2) Server

Commander is a command and control framework C2 written in Python, Flask and SQLite. It comes with two agents written in Python and C. Under Continuous Development Not script-kiddie friendly Features Fully encrypted communication TLS Multiple Agents Obfuscation Interactive Sessions Scalable Base6...

CVE-2023-4950

The Interactive Contact Form and Multi Step Form Builder WordPress plugin before 3.4 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

WordPress plugin Interactive Contact Form and Multi Step Form Builder Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

CVE-2023-45060

Cross-Site Request Forgery CSRF vulnerability in Fla-shop.Com Interactive World Map plugin = 3.2.0 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Fla-shop.Com Interactive World Map plugin = 3.2.0 versions...

CVE-2023-45060 WordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Fla-shop.Com Interactive World Map plugin = 3.2.0 versions...

CVE-2023-45060

CVE-2023-45060 is a CSRF vulnerability in the Fla-shop.Com Interactive World Map WordPress plugin, affected versions are

WordPress plugin Interactive World Map Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

Interactive World Map <= 3.2.0 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

PT-2023-29380 · Unknown · Fla-Shop.Com Interactive World Map

Name of the Vulnerable Software and Affected Versions: Fla-shop.Com Interactive World Map plugin versions = 3.2.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions ...