EUVD-2022-15742

Malicious code in bioql PyPI...

CVE-2019-25223

CVE-2019-25223 affects the WordPress plugin “Team Circle Image Slider With Lightbox.” The Wordfence vulnerability entry confirms an SQL Injection via the parameter id in all versions up to 1.0.4, caused by insufficient escaping and lack of proper prepared statements. Impact per the CVSS metrics i...

CVE-2019-25223 Team Circle Image Slider With Lightbox <= 1.0.4 - Authenticated (Admin+) SQL Injection

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2019-25223 Team Circle Image Slider With Lightbox <= 1.0.4 - Authenticated (Admin+) SQL Injection

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

WordPress Team Circle Image Slider With Lightbox Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Team Circle Image Slider With Lightbox Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2015-10130 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4e4875511ed9 Credit...

CVE-2023-2604

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

CVE-2023-2604

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

CVE-2023-2604 Team Circle Image Slider With Lightbox <= 1.0.17 - Reflected Cross-Site Scripting

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

PT-2023-20442 · WordPress · Team Circle Image Slider With Lightbox

Name of the Vulnerable Software and Affected Versions: The Team Circle Image Slider With Lightbox plugin for WordPress versions up to, and including, 1.0.17 Description: The issue is related to Reflected Cross-Site Scripting via the search term parameter due to insufficient input sanitization and...

WordPress Plugin Team Circle Image Slider With Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2022-0648

The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the orderpos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting

The plugin does not sanitize and escape the orderpos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. https://example.com/wp-admin/admin.php?page=circlethumbnailsliderwithlightboximagemanagement&orderpos=...