16 matches found
EUVD-2022-33770
Malicious code in bioql PyPI...
CVE-2024-43309
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Socio WP Telegram Widget and Join Link allows Stored XSS. This issue affects WP Telegram Widget and Join Link: from n/a through 2.1.27...
WordPress plugin WP Telegram Widget and Join Link cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress WP Telegram Widget and Join Link Plugin <= 2.1.27 is vulnerable to Cross Site Scripting (XSS)
Software: WP Telegram Widget and Join Link; Type: Plugin; Vulnerable versions: <= 2.1.27; Fixed in: 2.1.28; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-43309; Patch priority: Low; CVSS severity: Low (6.5); PSID: e7c6c4fd307b; Credits: Muhammad Daffa...
WordPress Premium Blocks – Gutenberg Blocks for WordPress plugin <= 2.1.27 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by 4rCanJ0x! (Patchstack Alliance) in WordPress Plugin Premium Blocks – Gutenberg Blocks for WordPress (versions <= 2.1.27)...
GHSA-MX47-H5FV-GHWH light-oauth2 missing public key verification
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token...
light-oauth2 Trust Management Issue Vulnerability
light-oauth2 is a fast, lightweight, cloud-native OAuth 2.0 authorization microservice based on light-4j, open-sourced by networknt. A security vulnerability exists in light-oauth2 versions before 2.1.27; it stems from obtaining the public key without any validation, allowing an...
WordPress Plugin Codeat Glossary cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Glossary Plugin <= 2.1.27 is vulnerable to Cross Site Scripting (XSS)
Software: Glossary; Type: Plugin; Vulnerable versions: <= 2.1.27; Fixed in: 2.1.28; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-24378; Patch priority: Low; CVSS severity: Low (6.5); PSID: 7470ca4b443e; Credits: Rafshanzani Suhada; Required...
WordPress plugin wpDataTables cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress wpDataTables plugin 2.1.27 and earlier versions have a cross-site scripting vulnerability...
CVE-2022-29432
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, , &data-shortcode, &data-star-num vulnerable parameters...
CVE-2022-25618
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables WordPress plugin (versions <= 2.1.27)...
cyrus-sasl buffer overflow vulnerability
cyrus-sasl is an implementation of the Cyrus SASL (Simple Authentication Security Layer) API, capable of providing authentication and authorization services on both the client and server side. A buffer overflow vulnerability exists in cyrus-sasl version 2.1.27. The vulnerability stems from a network...
openSUSE Security Update : mailman (openSUSE-2019-495)
This update for mailman to version 2.1.27 fixes the following issues: This security issue was fixed: - CVE-2018-0618: Additional protections against injecting scripts into listinfo and error messages pages (bsc#1099510). These non-security issues were fixed: - The hash generated when...
Design/Logic Flaw
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords being recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...
CVE-2019-1000001
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords being recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...