Online Security Guards Hiring System SQL Injection Vulnerability

WordPress WP Shopping Pages plugin cross-site scripting vulnerability...

SAP Host Agent is a set of agent programs from SAP that supports a number of lifecycle management tasks such as operating system monitoring, database monitoring and system instance monitoring. An information disclosure vulnerability exists in SAP Host Agent that stems from a lack of authentication checks, which could be exploited by an unauthenticated attacker to set undocumented parameters to a specific compatibility value and then invoke a read function.

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-3492

The WP Shopping Pages WordPress plugin through 1.14 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

Cross site request forgery (csrf)

The WP Shopping Pages WordPress plugin through 1.14 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVE-2023-3492

CVE-2023-3492 affects the WP Shopping Pages WordPress plugin up to version 1.14. The vulnerability arises from missing CSRF checks, insufficient sanitisation and escaping, enabling an authenticated attacker to trigger a Stored XSS payload in a logged-in admin account via CSRF. The connected Red H...

PT-2023-25052 · WordPress · Wp Shopping Pages

Name of the Vulnerable Software and Affected Versions: WP Shopping Pages WordPress plugin versions 1.14 and earlier Description: The issue is related to the lack of CSRF checks in some areas of the plugin, as well as missing sanitization and escaping. This could allow attackers to make logged-in...

WordPress plugin WP Shopping Pages 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Online Security Guards Hiring System SQL注入漏洞

WordPress WP Shopping Pages plugin cross-site scripting vulnerability...

Pimcore 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress WP Shopping Pages Plugin <= 1.14 is vulnerable to Cross Site Scripting (XSS)

Software WP Shopping Pages Type Plugin Vulnerable versions = 1.14 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3492 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 898c5bf8d8e1 Credits Katharina Altmann...