11 matches found
EUVD-2021-25705
Malware in sbrugna...
The vulnerability of the ~/admin/class-kjm-admin-notices-admin.php component of the KJM Admin Notices plugin for WordPress content management system allows a hacker to perform cross-site scripting attacks.
The vulnerability of the /admin/class-kjm-admin-notices-admin.php component of the KJM Admin Notices plugin for WordPress management systems of WordPress websites is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability could allow a malicious act...
CVE-2021-39344
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...
CVE-2021-39344
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...
Cross site scripting
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...
CVE-2021-39344 KJM Admin Notices <= 2.0.1 Authenticated Stored Cross-Site Scripting
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...
CVE-2021-39344 KJM Admin Notices <= 2.0.1 Authenticated Stored Cross-Site Scripting
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...
CVE-2021-39344
CVE-2021-39344: The KJM Admin Notices WordPress plugin (versions
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin KJM Admin Notices, which stems from insufficient input validation and cleanup of several parameters found in the /admin/class-kjm-admin-notices-admin.php file,...
KJM Admin Notices <= 2.0.1 - Admin+ Stored Cross-Site Scripting
The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts. This affects...
WordPress KJM Admin Notices plugin <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress KJM Admin Notices plugin versions = 2.0.1. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary...