21 matches found
EUVD-2024-19365
Malicious code in bioql PyPI...
EUVD-2024-49428
Malicious code in bioql PyPI...
CVE-2024-8800
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...
CVE-2024-21751
Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13...
CVE-2024-8800
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...
CVE-2024-8800
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...
CVE-2024-8800 RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more <= 2.21.0 - Reflected Cross-Site Scripting
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...
CVE-2024-8800 RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more <= 2.21.0 - Reflected Cross-Site Scripting
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and...
CVE-2024-8800
CVE-2024-8800 describes a Reflected Cross-Site Scripting vulnerability in the RabbitLoader WordPress plugin up to version 2.21.0. The flaw stems from using add_query_arg without proper escaping, enabling unauthenticated attackers to craft links that inject scripts in pages executed by a user who ...
WordPress RabbitLoader plugin <= 2.21.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin RabbitLoader versions = 2.21.0...
WordPress RabbitLoader Plugin <= 2.21.0 is vulnerable to Cross Site Scripting (XSS)
Software RabbitLoader Type Plugin Vulnerable versions = 2.21.0 Fixed in 2.21.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8800 Patch priority Medium CVSS severity Medium 7.1 Developer RabbitLoader PSID 60a2212deaee Credits vgo0 Required privileg...
WordPress plugin RabbitLoader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-39264 · WordPress · Rabbitloader
Name of the Vulnerable Software and Affected Versions: RabbitLoader plugin for WordPress versions up to, and including, 2.21.0 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This allows unauthenticated...
CVE-2024-21751
Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13...
CVE-2024-21751
Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13...
CVE-2024-21751 WordPress RabbitLoader plugin <= 2.19.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13...
CVE-2024-21751 WordPress RabbitLoader plugin <= 2.19.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13...
PT-2024-19039 · Unknown · Rabbitloader
Name of the Vulnerable Software and Affected Versions: RabbitLoader versions n/a through 2.19.13 Description: The issue is related to a Missing Authorization vulnerability in RabbitLoader. Recommendations: For versions n/a through 2.19.13, at the moment, there is no information about a newer...
WordPress plugin RabbitLoader security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
RabbitLoader < 2.19.14 - Missing Authorization via multiple AJAX actions
Description The RabbitLoader plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 2.19.13. This makes it possible for authenticated attackers, with subscriber-level...