26 matches found
EUVD-2024-52904
Malicious code in bioql PyPI...
EUVD-2024-44935
Malicious code in bioql PyPI...
EUVD-2024-33538
Malicious code in bioql PyPI...
CVE-2024-56005
Cross-Site Request Forgery CSRF vulnerability in Posti Posti Shipping posti-shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through = 3.10.3...
CVE-2024-10832
The Posti Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the accountnumber and secretkey parameters in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-50512
Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping posti-shipping allows Retrieve Embedded Sensitive Data.This issue affects Posti Shipping: from n/a through = 3.10.2...
CVE-2024-56005
Cross-Site Request Forgery CSRF vulnerability in Posti Posti Shipping posti-shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through = 3.10.3...
CVE-2024-56005 WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in Posti Posti Shipping posti-shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through = 3.10.3...
CVE-2024-56005
CVE-2024-56005 is a CSRF-type vulnerability affecting Posti Shipping (WordPress plugin) up to version 3.10.3. The issue allows cross-site request forgery to change plugin settings. If exploited, an attacker could trigger settings changes without authentication or user interaction. The CVE has a C...
CVE-2024-56005 WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in Posti Posti Shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through 3.10.3...
PT-2024-36659 · Posti · Posti Shipping
Name of the Vulnerable Software and Affected Versions: Posti Shipping versions 3.10.3 and earlier Description: A Cross-Site Request Forgery CSRF issue affects Posti Shipping, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For Posti Shipping versions 3.10.3 and...
WordPress plugin Posti Shipping 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...
WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability
CSRF to Settings Change vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Posti Shipping versions = 3.10.3...
CVE-2024-10832
The Posti Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the accountnumber and secretkey parameters in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-10832
CVE-2024-10832 : Posti Shipping plugin for WordPress (versions ≤ 3.10.3) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation in generate_notices_html. This CSRF can allow unauthenticated attackers to trigger actions that lead to stored XSS by convincing an admini...
CVE-2024-10832 Posti Shipping <= 3.10.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via generate_notices_html Function
The Posti Shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.10.3. This is due to missing or incorrect nonce validation on the generatenoticeshtml function. This makes it possible for unauthenticated attackers to inject malicious web...
CVE-2024-10832 Posti Shipping <= 3.10.3 - Reflected Cross-Site Scripting
The Posti Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the accountnumber and secretkey parameters in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
WordPress plugin Posti Shipping 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...
CVE-2024-50512
Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping posti-shipping allows Retrieve Embedded Sensitive Data.This issue affects Posti Shipping: from n/a through = 3.10.2...
CVE-2024-50512
CVE-2024-50512 affects the WordPress plugin Posti Shipping (versions