31 matches found
CVE-2023-4774
The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
EUVD-2023-37381
Malicious code in bioql PyPI...
EUVD-2022-6056
Malicious code in bioql PyPI...
EUVD-2023-54620
Malicious code in bioql PyPI...
CVE-2023-33211
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in André Bräkling WP-Matomo Integration WP-Piwik plugin = 1.0.27 versions...
CVE-2022-33156
The matomointegration aka Matomo Integration extension before 1.3.2 for TYPO3 allows XSS...
BIT-MATOMO-2022-33156
The matomointegration aka Matomo Integration extension before 1.3.2 for TYPO3 allows XSS...
Cross site scripting
The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2023-4774
WP-Matomo Integration (WP-Piwik) for WordPress is affected by CVE-2023-4774 via a stored XSS in the wp-piwik shortcode. Versions up to and including 1.0.28 are vulnerable due to insufficient input sanitization and output escaping on shortcode attributes, allowing authenticated attackers with cont...
CVE-2023-4774
The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
WordPress plugin WP-Matomo Integration cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WP-Matomo Integration Plugin < 1.0.28 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wp-piwikproject:wp-piwik"; ifdescription...
WordPress WP-Matomo Integration Plugin < 1.0.27 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wp-piwikproject:wp-piwik"; ifdescription...
WordPress WP-Matomo Integration Plugin < 1.0.11 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wp-piwikproject:wp-piwik"; ifdescription...
CVE-2023-33211
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in André Bräkling WP-Matomo Integration WP-Piwik plugin = 1.0.27 versions...
CVE-2023-33211
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in André Bräkling WP-Matomo Integration WP-Piwik plugin = 1.0.27 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in André Bräkling WP-Matomo Integration WP-Piwik plugin = 1.0.27 versions...
CVE-2023-33211
The CVE-2023-33211 entry concerns the WordPress WP-Piwik (WP-Matomo Integration) plugin. A Stored Cross-Site Scripting (XSS) vulnerability exists in versions up to and including 1.0.27 when authenticated as admin+ (requires administrator privileges). The root cause is an XSS flaw in the plugin’s ...
CVE-2023-33211 WordPress WP-Piwik Plugin <= 1.0.27 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in André Bräkling WP-Matomo Integration WP-Piwik plugin = 1.0.27 versions...
PT-2023-24222 · André Bräkling · André Bräkling Wp-Matomo Integration
Name of the Vulnerable Software and Affected Versions: André Bräkling WP-Matomo Integration WP-Piwik plugin versions prior to 1.0.28 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For André...