18 matches found
CVE-2024-2335
The Elements Plus! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widget link URLs in all versions up to, and including, 2.16.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
EUVD-2024-29113
Malicious code in bioql PyPI...
EUVD-2024-29112
Malicious code in bioql PyPI...
CVE-2024-31213
InstantCMS is a free and open source content management system. An open redirect was found in the ICMS2 application version 2.16.2 when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are still present on...
WordPress plugin Currency Switcher for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Currency Switcher for WooCommerce plugin <= 2.16.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Currency Switcher for WooCommerce versions = 2.16.2...
WordPress plugin Spectra 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2021-29923 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2021-29923 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2020-28367 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2020-28367 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2020-14039 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2020-14039 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2022-46175 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2022-46175 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2021-22569 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2021-22569 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2022-1941 affecting package python-tensorboard for versions less than 2.16.2-1
CVE-2022-1941 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-3115 affecting package python-tensorboard for versions less than 2.16.2-1
CVE-2021-3115 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2020-15586 affecting package python-tensorboard for versions less than 2.16.2-1
CVE-2020-15586 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...
InstantCMS 安全漏洞
InstantCMS is a free open source CMS open sourced by instantSoft. A security vulnerability exists in InstantCMS version v2.16.2, which stems from the presence of an open redirection vulnerability...
PT-2024-23856 · Unknown · Instantcms
Name of the Vulnerable Software and Affected Versions: InstantCMS version 2.16.2 Description: An open redirect was found in the ICMS2 application when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are...
WordPress Elements Plus! Plugin <= 2.16.2 is vulnerable to Cross Site Scripting (XSS)
Software Elements Plus! Type Plugin Vulnerable versions = 2.16.2 Fixed in 2.16.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2335 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0c8e35ef5d6 Credits Francesco Carlucci...