EUVD-2022-24940

Malicious code in bioql PyPI...

EUVD-2022-24945

Malicious code in bioql PyPI...

WordPress Jupiterx Core plugin <= 4.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Inline SVG vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Inline SVG vulnerability discovered by stealthcopter in WordPress Plugin JupiterX Core versions = 4.8.12...

WordPress JupiterX Core plugin <= 4.8.11 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Michael in WordPress Plugin JupiterX Core versions = 4.8.11...

CVE-2022-1654

Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abbuninstalltemplate" both and "jupiterxcorecpuninstalltemplate" JupiterX Core Only AJAX actions...

WordPress Jupiter X Core plugin <= 4.8.5 - Missing Authorization to Unauthenticated Popup Template Export vulnerability

Missing Authorization to Unauthenticated Popup Template Export vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin JupiterX Core versions = 4.8.5...

VulnCheck KEV: CVE-2023-38389

JupiterX Core Plugin for WordPress is vulnerable to a privilege escalation vulnerability...

CVE-2022-1654

Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abbuninstalltemplate" both and "jupiterxcorecpuninstalltemplate" JupiterX Core Only AJAX actions...

CVE-2022-1654

Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abbuninstalltemplate" both and "jupiterxcorecpuninstalltemplate" JupiterX Core Only AJAX actions...

Code injection

Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abbuninstalltemplate" both and "jupiterxcorecpuninstalltemplate" JupiterX Core Only AJAX actions...

CVE-2022-1654 Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 - Authenticated Privilege Escalation

Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abbuninstalltemplate" both and "jupiterxcorecpuninstalltemplate" JupiterX Core Only AJAX actions...

CVE-2022-1654

CVE-2022-1654 affects Jupiter Theme (&lt;= 6.10.1) and JupiterX Core Plugin (

PT-2022-14027 · Unknown · Jupiter Theme +1

Name of the Vulnerable Software and Affected Versions: JupiterX Theme versions =2.0.6 JupiterX Core Plugin versions =2.0.6 Description: The issue allows any logged-in user to access functions registered in "lib/api/api/ajax.php", including jupiterx api ajax actions. This grants the ability to...

JupiterX Core 安全漏洞

WordPress and JupiterX Core are products of the WordPress Foundation, a blogging platform developed using the PHP language. WordPress theme is a theme for WordPress. The WordPress Jupiter Theme and JupiterX Core Plugin have an elevation of privilege vulnerability that could be exploited to gain...