21 matches found
EUVD-2023-12188
Malicious code in bioql PyPI...
EUVD-2023-12189
Malicious code in bioql PyPI...
CVE-2023-0088
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on several AJAX actions handling page creation and deletion among other things. This makes it possible for...
CVE-2023-0087
The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
WordPress Swifty Page Manager Plugin <= 3.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Swifty Page Manager Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A8: Cross Site Request Forgery CSRF Classification Cross Site Request Forgery CSRF CVE CVE-2023-0088 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID a4c6c81911f7 Credits Marco...
WordPress Swifty Page Manager Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Swifty Page Manager Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0087 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 783dea52e7e8 Credits Marco Wotschka Require...
CVE-2023-0088
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on several AJAX actions handling page creation and deletion among other things. This makes it possible for...
CVE-2023-0087
The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
CVE-2023-0087
The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
CVE-2023-0088
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on several AJAX actions handling page creation and deletion among other things. This makes it possible for...
CVE-2023-0088
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on several AJAX actions handling page creation and deletion among other things. This makes it possible for...
CVE-2023-0087
The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
Cross site scripting
The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
CVE-2023-0088 Swifty Page Manager <= 3.0.1 - Cross-Site Request Forgery
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on several AJAX actions handling page creation and deletion among other things. This makes it possible for...
CVE-2023-0088
CVE-2023-0088 : The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation on AJAX actions that handle page creation and deletion (versions up to 3.0.1). This allows unauthenticated attackers to trick an administrator into pe...
CVE-2023-0087
The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
CVE-2023-0087
The CVE-2023-0087 issue affects the WordPress Swifty Page Manager plugin up to version 3.0.1. It is caused by insufficient input sanitization and output escaping in the spm_plugin_options_page_tree_max_width parameter, enabling stored XSS. Impact requires administrator-level access to inject scri...
PT-2023-16002 · WordPress · Swifty Page Manager
Name of the Vulnerable Software and Affected Versions: Swifty Page Manager plugin for WordPress versions up to, and including, 3.0.1 Description: The issue is related to Stored Cross-Site Scripting via the spm plugin options page tree max width parameter due to insufficient input sanitization and...
WordPress plugin Swifty Page Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress plugin Swifty Page Manager 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...