33 matches found
EUVD-2023-34889
Malicious code in bioql PyPI...
EUVD-2024-52545
Malicious code in bioql PyPI...
EUVD-2024-17398
Malicious code in bioql PyPI...
EUVD-2023-59377
Malicious code in bioql PyPI...
CVE-2023-30474
Cross-Site Request Forgery CSRF vulnerability in Kilian Evang Ultimate Noindex Nofollow Tool II plugin = 1.3 versions...
CVE-2023-45065
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin = 1.42 versions...
CVE-2024-1663
The Ultimate Noindex Nofollow Tool II WordPress plugin before 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2023-7196
The Ultimate Noindex Nofollow Tool WordPress plugin through 1.1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-1663 Ultimate Noindex Nofollow Tool II < 1.3.6 - Admin+ Stored XSS
The Ultimate Noindex Nofollow Tool II WordPress plugin before 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-1663 Ultimate Noindex Nofollow Tool II < 1.3.6 - Admin+ Stored XSS
The Ultimate Noindex Nofollow Tool II WordPress plugin before 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2023-7196 Ultimate Noindex Nofollow Tool <= 1.1.2 - Settings Update via CSRF
The Ultimate Noindex Nofollow Tool WordPress plugin through 1.1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
WordPress plugin Ultimate Noindex Nofollow Tool II 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...
WordPress plugin Bulk NoIndex & NoFollow Toolkit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 2.15 is vulnerable to Cross Site Scripting (XSS)
Software Bulk NoIndex & NoFollow Toolkit Type Plugin Vulnerable versions = 2.15 Fixed in 2.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8803 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 78a9bff492c8 Credits vgo0...
CVE-2024-29791
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01...
CVE-2024-29791 WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 2.01 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01...
CVE-2024-29791 WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 2.01 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01...
CVE-2024-29791
Technical details are not provided in the supplied documents; CVE-2024-29791 is described as a reflected XSS in Bulk NoIndex & NoFollow Toolkit (WordPress plugin) up to version 2.01; no exploit specifics or mitigations are specified here.
PT-2024-23035 · Mad Fish Digital · Mad Fish Digital Bulk Noindex & Nofollow Toolkit
Name of the Vulnerable Software and Affected Versions: Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions through 2.01 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS...
WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 2.01 is vulnerable to Cross Site Scripting (XSS)
Software Bulk NoIndex & NoFollow Toolkit Type Plugin Vulnerable versions = 2.01 Fixed in 2.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29791 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bea274e4e958 Credits Le Ngoc Anh Requir...