37 matches found
EUVD-2025-122668
Malicious code in remark-meteor-slides-kaus npm...
Malicious code in remark-meteor-slides-nightwatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eb4bd29b5702676310ac558508cd9e3ada75cc965d0b2dc1edaa13c4b45b699 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-122667
Malicious code in remark-meteor-slides-nightwatch npm...
MAL-2025-147254 Malicious code in remark-meteor-slides-kaus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1db4f750a0eb590c31e0a9400a047a1df8bbb6e37335e96c282103d3ef23085f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-114279
Malicious code in dynamo-meteor-slides-elektra npm...
MAL-2025-147255 Malicious code in remark-meteor-slides-nightwatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eb4bd29b5702676310ac558508cd9e3ada75cc965d0b2dc1edaa13c4b45b699 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2022-51830
Malicious code in bioql PyPI...
EUVD-2024-50573
Malicious code in bioql PyPI...
EUVD-2024-46078
Malicious code in bioql PyPI...
CVE-2024-12073
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-52493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides meteor-slides allows Stored XSS.This issue affects Meteor Slides: from n/a through = 1.5.7...
CVE-2022-4486
The Meteor Slides WordPress plugin before 1.5.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...
CVE-2024-12073
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-12073
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-12073 Meteor Slides <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-12073 Meteor Slides <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-12073
CVE-2024-12073 affects the Meteor Slides WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) in the slide_url_value parameter across all versions up to and including 1.5.7, arising from insufficient input sanitization and output escaping. Exploitation requires authenticatio...
WordPress plugin Meteor Slides 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Meteor Slides plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin Meteor Slides versions = 1.5.7...
CVE-2024-52493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides meteor-slides allows Stored XSS.This issue affects Meteor Slides: from n/a through = 1.5.7...