58 matches found
CVE-2023-29425
Cross-Site Request Forgery CSRF vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...
CVE-2023-29424
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...
EUVD-2024-44330
Malicious code in bioql PyPI...
EUVD-2023-32994
Malicious code in bioql PyPI...
EUVD-2023-32993
Malicious code in bioql PyPI...
EUVD-2024-40822
Malicious code in bioql PyPI...
CVE-2024-9435
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-44040
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware ShiftController Employee Shift Scheduling shiftcontroller allows Stored XSS.This issue affects ShiftController Employee Shift Scheduling: from n/a through = 4.9.64...
CVE-2023-1978
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2024-4733
The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the hc3session-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inje...
CVE-2024-44040 WordPress ShiftController Employee Shift Scheduling plugin <= 4.9.64 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware ShiftController Employee Shift Scheduling shiftcontroller allows Stored XSS.This issue affects ShiftController Employee Shift Scheduling: from n/a through = 4.9.64...
CVE-2024-44040 WordPress ShiftController Employee Shift Scheduling plugin <= 4.9.64 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Plainware ShiftController Employee Shift Scheduling allows Stored XSS.This issue affects ShiftController Employee Shift Scheduling: from n/a through 4.9.64...
CVE-2024-44040
CVE-2024-44040 : WordPress plugin ShiftController Employee Shift Scheduling contains a stored XSS due to improper input neutralization during web page generation. Affected plugin versions:
WordPress plugin ShiftController Employee Shift Scheduling 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-9435
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-9435
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-9435 ShiftController Employee Shift Scheduling <= 4.9.66 - Reflected Cross-Site Scripting
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-9435
CVE-2024-9435 refers to the ShiftController Employee Shift Scheduling WordPress plugin. Affected versions up to and including 4.9.66 are vulnerable to a reflected Cross-Site Scripting (XSS) via URL keys due to insufficient input sanitization and output escaping. The vulnerability can be exploited...
CVE-2024-9435 ShiftController Employee Shift Scheduling <= 4.9.66 - Reflected Cross-Site Scripting
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
WordPress ShiftController Employee Shift Scheduling plugin <= 4.9.66 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin ShiftController Employee Shift Scheduling versions = 4.9.66...