24 matches found
EUVD-2024-36761
Malicious code in bioql PyPI...
EUVD-2024-29793
Malicious code in bioql PyPI...
CVE-2024-31935
Cross-Site Request Forgery CSRF vulnerability in BracketSpace Simple Post Notes.This issue affects Simple Post Notes: from n/a through 1.7.6...
CVE-2024-37562
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7...
CVE-2022-2186
The Simple Post Notes WordPress plugin before 1.7.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2024-37562
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7...
CVE-2024-37562
CVE-2024-37562 affects the WordPress plugin “Simple Post Notes” and is described as an “Improper Neutralization of Input During Web Page Generation” (Stored XSS). The initial and connected records consistently note the issue as a Stored XSS vulnerability that affects Simple Post Notes versions n/...
CVE-2024-37562 WordPress Simple Post Notes plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7...
CVE-2024-37562 WordPress Simple Post Notes plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7...
PT-2024-27661 · Unknown · Simple Post Notes
Name of the Vulnerable Software and Affected Versions: Simple Post Notes versions n/a through 1.7.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...
WordPress Simple Post Notes plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Plugin Simple Post Notes versions = 1.7.7...
WordPress Simple Post Notes Plugin <= 1.7.7 is vulnerable to Cross Site Scripting (XSS)
Software Simple Post Notes Type Plugin Vulnerable versions = 1.7.7 Fixed in 1.7.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37562 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d5b3ff5d0988 Credits justakazh Required privilege...
CVE-2024-31935
Cross-Site Request Forgery CSRF vulnerability in BracketSpace Simple Post Notes.This issue affects Simple Post Notes: from n/a through 1.7.6...
CVE-2024-31935 WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in BracketSpace Simple Post Notes.This issue affects Simple Post Notes: from n/a through 1.7.6...
CVE-2024-31935 WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in BracketSpace Simple Post Notes.This issue affects Simple Post Notes: from n/a through 1.7.6...
CVE-2024-31935
CVE-2024-31935 describes a Cross-Site Request Forgery (CSRF) vulnerability in BracketSpace Simple Post Notes for WordPress, affecting versions from n/a up to 1.7.6. The available documents confirm the vulnerability type and affected version range but do not provide specific root-cause details, ex...
PT-2024-24299 · Unknown · Simple Post Notes
Name of the Vulnerable Software and Affected Versions: Simple Post Notes versions 1.7.6 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software. This type of issue allows an attacker to perform unintended actions on a user's behalf. Recommendations: For versions 1.7....
WordPress Plugin Simple Post Notes 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin Simple Post Notes versions = 1.7.6...
CVE-2022-2186
The Simple Post Notes WordPress plugin before 1.7.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...