6 matches found
EUVD-2022-24933
Malicious code in bioql PyPI...
WordPress Simple Real Estate Pack plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Simple Real Estate Pack plugin 1.4.8 and earlier versions are vulnerable to a cross-site...
CVE-2022-1646
The Simple Real Estate Pack WordPress plugin through 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1646
The Simple Real Estate Pack WordPress plugin through 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1646
CVE-2022-1646 affects the WordPress plugin Simple Real Estate Pack (versions
Simple Real Estate Pack <= 1.4.8 - Admin+ Stored Cross Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed PoC Put the following payload in the plugin's settings such as "Consumer Key": "...