11 matches found
EUVD-2022-24732
Malicious code in bioql PyPI...
CVE-2022-1418
The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...
CVE-2022-1418
The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...
CVE-2022-1418
The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...
CVE-2022-1418
The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...
Cross site scripting
The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...
CVE-2022-1418
CVE-2022-1418 affects the WordPress Social Stickers plugin up to version 2.2.9. The issue is a lack of CSRF protection when updating its Social Network settings and insufficient escaping of certain fields, enabling a logged-in admin to modify settings in a way that could trigger Stored Cross-Site...
WordPress plugin Social Stickers 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Social Stickerss plugin 2.2.9 and earlier versions are vulnerable to a cross-site scripting...
Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF
The plugin does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. history.pushState'', '', '/' input type="hidden"...
WordPress Social Stickers plugin <= 2.2.9 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress Social Stickers plugin versions = 2.2.9. Solution Deactivate and delete. This plugin has been closed as of April 19, 2022 and is not...
Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF
The plugin does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. PoC...