21 matches found
EUVD-2014-6517
Malware in sbrugna...
EUVD-2023-56198
Malicious code in bioql PyPI...
CVE-2024-11786
The Login with Vipps and MobilePay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'continue-with-vipps' shortcode in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2023-51485
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13...
CVE-2024-11786
CVE-2024-11786 refers to the WordPress plugin Login with Vipps and MobilePay, affected up to version 1.3.3. The vulnerability is Stored Cross‑Site Scripting via the plugin’s continue-with-vipps shortcode, caused by insufficient input sanitization and output escaping on user-supplied attributes. T...
CVE-2024-11786 Login with Vipps and MobilePay <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Login with Vipps and MobilePay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'continue-with-vipps' shortcode in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress plugin Login with Vipps and MobilePay 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
WordPress Login with Vipps and MobilePay plugin <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Login with Vipps and MobilePay versions = 1.3.3...
WordPress Login with Vipps and MobilePay Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Login with Vipps and MobilePay Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11786 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fdf93186291b Credits Peter...
CVE-2023-51485
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13...
CVE-2023-51485
CVE-2023-51485 is a Cross-Site Scripting (Stored XSS) vulnerability in the WordPress plugin “Pay with Vipps for WooCommerce” (WP Pay with Vipps). The issue arises from improper neutralization of user input during web page generation, allowing stored XSS. Affected versions are up to 1.14.13 (inclu...
CVE-2023-51485 WordPress Pay with Vipps for WooCommerce Plugin <= 1.14.13 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13...
CVE-2023-51485 WordPress Pay with Vipps for WooCommerce Plugin <= 1.14.13 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13...
WordPress Plugin Pay with Vipps and MobilePay for WooCommerce Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-14144 · Woocommerce · Pay With Vipps/Mobilepay For Woocommerce
Name of the Vulnerable Software and Affected Versions: Pay with Vipps and MobilePay for WooCommerce versions 1.14.13 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This mean...
MobilePay by Danske Bank - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application MobilePay by Danske Bank published at the 'play' market has multiple vulnerabilities...
CVE-2014-6639
The TIO MobilePay - Bill Payments aka com.tionetworks.mobile.android.tioclient application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The TIO MobilePay - Bill Payments aka com.tionetworks.mobile.android.tioclient application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6639
The TIO MobilePay - Bill Payments aka com.tionetworks.mobile.android.tioclient application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...