3 matches found
PT-2024-34302 · Unknown · Woocommerce +1
Name of the Vulnerable Software and Affected Versions: Plug your WooCommerce into the largest catalog of customized print products from Helloprint versions n/a through 2.0.2 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of file with...
PT-2022-24957 · Tasklists · Tasklists
Name of the Vulnerable Software and Affected Versions: tasklists versions prior to 2.0.3 Description: The issue allows for Cross-site Scripting XSS where an attacker can create XSS in task content when adding it. There are no known workarounds for this issue. Recommendations: For versions prior t...
PT-2021-14661 · Jenkins · Jenkins Repository Connector Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Repository Connector Plugin versions 2.0.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because the plugin...