21 matches found
EUVD-2024-35070
Malicious code in bioql PyPI...
EUVD-2024-30363
Malicious code in bioql PyPI...
CVE-2024-34804
Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8...
CVE-2024-32561
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7...
CVE-2024-34804
Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8...
CVE-2024-34804 WordPress Tagembed plugin <= 5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8...
CVE-2024-34804 WordPress Tagembed plugin <= 5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8...
CVE-2024-34804
CVE-2024-34804 is a Missing Authorization vulnerability in the WordPress Tagembed plugin, affecting Tagembed versions from n/a through 5.8. The issue is described as Broken Access Control/Missing Authorization. Public details provided here indicate the vulnerability affects Tagembed and that ther...
PT-2024-26200 · Tagembed · Tagembed
Name of the Vulnerable Software and Affected Versions: Tagembed versions n/a through 5.8 Description: The issue is related to a Missing Authorization vulnerability in Tagembed. Recommendations: For versions n/a through 5.8, update to a version that contains a fix for this issue, however at the...
WordPress plugin Tagembed security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Tagembed <= 5.8 - Missing Authorization
Description The Tagembed plugin for WordPress is vulnerable to unauthorized access of functionality in versions up to, and including, 5.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to invoke such functionality. The security impact is low...
WordPress Tagembed plugin <= 5.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Tagembed versions = 5.8...
WordPress Tagembed Plugin <= 5.8 is vulnerable to Broken Access Control
Software Tagembed Type Plugin Vulnerable versions = 5.8 Fixed in 5.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34804 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 11b1e2a3c703 Credits Abdi Pranata Required privilege Subscrib...
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds < 4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user...
CVE-2024-32561
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7...
CVE-2024-32561
CVE-2024-32561 is a Stored XSS in Tagembed's WordPress widget (Tagembed). The issue arises from improper neutralization of input during web page generation and affects Tagembed: from n/a through 4.7. Exploitation could occur when a site displays user-supplied content through the widget, enabling ...
CVE-2024-32561 WordPress Tagembed plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7...
CVE-2024-32561 WordPress Tagembed plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7...
WordPress Plugin Tagembed 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Tagembed plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Tagembed versions = 4.7...