WordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Salient Core versions = 3.0.8...

EUVD-2024-32384

Malicious code in bioql PyPI...

CVE-2024-3812

The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...

CVE-2024-3812

The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...

PT-2024-27890 · WordPress · Salient Core

Name of the Vulnerable Software and Affected Versions: Salient Core plugin for WordPress versions up to, and including, 2.0.7 Description: The Salient Core plugin for WordPress is vulnerable to Local File Inclusion via the nectar icon shortcode icon linea attribute. This allows authenticated...

CVE-2023-48748 WordPress Salient Core Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme nectar Salient Core allows Reflected XSS.This issue affects Salient Core: from n/a through 2.0.2...

CVE-2023-48749 WordPress Salient Core Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme nectar Salient Core allows Stored XSS.This issue affects Salient Core: from n/a through 2.0.2...

WordPress Salient Core Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Salient Core Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48748 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d4f544ed8ca1 Credits Rafie Muhammad Patchstack Required...

WordPress Salient Core Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Salient Core Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48749 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ef3d6f0a3d43 Credits Rafie Muhammad Patchstack Required...