EUVD-2022-52062

Malicious code in bioql PyPI...

CVE-2022-4764

The Simple File Downloader WordPress plugin through 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVE-2022-4764

The CVE-2022-4764 entry concerns the WordPress plugin Simple File Downloader (versions

CVE-2022-4764 Simple File Downloader <= 1.0.4 - Contributor+ Stored XSS via Shortcode

The Simple File Downloader WordPress plugin through 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

WordPress Plugin Simple File Downloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Simple File Downloader Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Simple File Downloader Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4764 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 2ef1f33eb376 Credits István Márton...