33 matches found
EUVD-2024-43318
Malicious code in bioql PyPI...
EUVD-2023-48810
Malicious code in bioql PyPI...
CVE-2024-49250
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Table of Contents Plus table-of-contents-plus allows Cross Site Request Forgery. This issue affects Table of Contents Plus: from n/a through <= 2408...
CVE-2024-5578
The Table of Contents Plus WordPress plugin through 2408 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
CVE-2023-44473
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions...
WordPress Table of Contents Plus plugin <= 2411 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Table of Contents Plus versions <= 2411...
CVE-2024-5578
The Table of Contents Plus WordPress plugin through 2408 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
CVE-2024-5578
The CVE-2024-5578 entry concerns Table of Contents Plus (WordPress plugin) up to version 2408. Connected sources confirm a root cause of insufficient sanitisation/escaping of some plugin settings, enabling stored XSS by high-privilege users (e.g., editors) even while unfiltered_html is disallowed....
WordPress Table of Contents Plus Plugin <= 2411 is vulnerable to Cross Site Scripting (XSS)
Software: Table of Contents Plus; Type: Plugin; Vulnerable versions: <= 2411; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5578; Patch priority: Low; CVSS severity: Low 6.5; PSID: 487fd7341438; Credits: Dmitrii Ignatyev...
CVE-2024-49250
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Table of Contents Plus table-of-contents-plus allows Cross Site Request Forgery. This issue affects Table of Contents Plus: from n/a through <= 2408...
CVE-2024-49250 WordPress Table of Contents Plus plugin <= 2408 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Table of Contents Plus table-of-contents-plus allows Cross Site Request Forgery. This issue affects Table of Contents Plus: from n/a through <= 2408...
CVE-2024-49250 WordPress Table of Contents Plus plugin <= 2408 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows Cross Site Request Forgery. This issue affects Table of Contents Plus: from n/a through 2408...
CVE-2024-49250
CVE-2024-49250 describes a CSRF vulnerability in WordPress Table of Contents Plus. The initial record and connected sources identify Table of Contents Plus as affected, with references noting CSRF across versions n/a–2408 (and related entries citing versions up to 2411.1 in Patchstack data). The ...
PT-2024-33388 · Michael Tran · Table Of Contents Plus
Name of the Vulnerable Software and Affected Versions: Table of Contents Plus versions n/a through 2408 Description: A Cross-Site Request Forgery CSRF issue is found in Michael Tran's Table of Contents Plus, allowing malicious activities. This issue enables Cross Site Request Forgery...
WordPress Table of Contents Plus Plugin <= 2411.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Table of Contents Plus; Type: Plugin; Vulnerable versions: <= 2411.1; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-49250; Patch priority: Low; CVSS severity: Low 4.3; PSID: 0206b95f1f9a; Credits: Rafie Muhamma...
Table of Contents Plus < 2309 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Table of Contents Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2302 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-lev...
CVE-2023-44473
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions...
CVE-2023-44473
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions...
CVE-2023-44473 WordPress Table of Contents Plus Plugin <= 2302 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions...
CVE-2023-44473
CVE-2023-44473 affects the WordPress Table of Contents Plus plugin (versions