66 matches found
EUVD-2016-1941
Malware in sbrugna...
EUVD-2024-47499
Malicious code in bioql PyPI...
CVE-2016-10950
The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter...
WordPress Sirv plugin <= 7.5.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) Vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin Sirv versions <= 7.5.3...
WordPress plugin Sirv cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
CVE-2024-5853
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirvuploadfilebychanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with...
CVE-2024-10855
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirv_upload_file_by_chunks function and lack of in all versions up to, and including...
CVE-2024-10855 Image Optimizer, Resizer and CDN – Sirv <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirv_upload_file_by_chunks function and lack of in all versions up to, and including...
CVE-2024-10855
CVE-2024-10855 affects the Image Optimizer, Resizer and CDN – Sirv WordPress plugin up to 7.3.0. It enables authenticated attackers with Contributor-level access or higher to modify data by abusing insufficient validation on the filename parameter in sirv_upload_file_by_chunks(), allowing deletio...
WordPress Sirv plugin <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion vulnerability
Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Sirv versions <= 7.3.0...
WordPress Sirv Plugin <= 7.3.0 is vulnerable to Broken Access Control
Software: Sirv; Type: Plugin; Vulnerable versions: <= 7.3.0; Fixed in: 7.3.1; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-10855; Patch priority: Low; CVSS severity: Low 8.1; Developer: Sirv; PSID: b781e68df280; Credits: Arkadiusz Hydzik; Required privilege: Contributor...
CVE-2024-8964
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8964 Image Optimizer, Resizer and CDN – Sirv <= 7.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8964
CVE-2024-8964 affects the WordPress plugin “Image Optimizer, Resizer and CDN – Sirv” (Sirv) for WordPress, vulnerable up to version 7.2.9. The issue is a Stored Cross-Site Scripting (XSS) vector via SVG file uploads caused by insufficient input sanitization and output escaping. Exploitation requi...
WordPress Sirv plugin <= 7.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability
Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Sirv versions <= 7.2.9...
WordPress Sirv Plugin <= 7.2.9 is vulnerable to Cross Site Scripting (XSS)
Software: Sirv; Type: Plugin; Vulnerable versions: <= 7.2.9; Fixed in: 7.3.0; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-8964; Patch priority: Low; CVSS severity: Low 5.9; Developer: Sirv; PSID: c2a5a24c5a87; Credits: Francesco Carlucci; Required privilege: Author...
PT-2024-39341 · WordPress · Sirv
Name of the Vulnerable Software and Affected Versions: The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress versions up to, and including, 7.2.9 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output...