CVE-2022-0210

The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and...

EUVD-2014-4766

Malware in sbrugna...

EUVD-2022-15412

Malicious code in bioql PyPI...

WordPress Random Banner plugin <= 4.2.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Random Banner versions = 4.2.11...

PT-2022-13038 · WordPress · Random Banner

Name of the Vulnerable Software and Affected Versions: Random Banner WordPress plugin versions up to and including 4.1.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file. This allow...

CVE-2014-4847

CVE-2014-4847 concerns a cross-site scripting (XSS) flaw in the WordPress plugin “Random Banner” version 1.1.2.1. The vulnerability allows a remote attacker to inject arbitrary web script or HTML via the buffercode_RBanner_url_banner1 parameter in an update action to wp-admin/options.php. Affecte...

WordPress Random Banner Plugin <= 1.1.2.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "buffercodeRBannerurlbanner1" parameter in an update action to wp-admin/options.php. Solution Update the plugin...