WordPress Happy Addons for Elementor plugin <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Photo Stack Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Photo Stack Widget vulnerability discovered by RandomRoot in WordPress Plugin Happy Addons for Elementor versions = 3.10.3...

CVE-2021-47857

CVE-2021-47857 affects Moodle 3.10.3 and is a persistent cross-site scripting (XSS) vulnerability in the calendar event subtitle field. The underlying issue allows an attacker to inject malicious JavaScript into the subtitle track label of a crafted calendar event, with code execution possible wh...

Moodle cross-site scripting vulnerabilities

Moodle is an open-source e-learning software platform developed by Moodle. It is also known as a course management system, learning management system, or virtual learning environment. Version 3.10.3 of Moodle contains a cross-site scripting vulnerability. This vulnerability stems from a persisten...

SUSE CVE-2017-18901

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover a team invite ID by requesting a JSON document...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002352)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002352 advisory. The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data...

EUVD-2023-56370

Malicious code in bioql PyPI...

EUVD-2021-31485

Malicious code in bioql PyPI...

EUVD-2023-56372

Malicious code in bioql PyPI...

EUVD-2022-7540

Malicious code in bioql PyPI...

WordPress plugin ShortPixel Adaptive Images 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-51672

Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3...

CVE-2024-56005 WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Posti Posti Shipping posti-shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through = 3.10.3...

WordPress plugin Posti Shipping 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

CVE-2023-51670

Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3...

WordPress plugin FunnelKit Checkout security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Vditor 跨站脚本漏洞

Vditor is a browser-side Markdown editor by the individual developer Vanessa219. A cross-site scripting vulnerability exists in Vditor version 3.10.3, which originates from allowing cross-site scripting attacks via attributes of A element...

CVE-2024-34449

Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true...

CVE-2024-1498

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Photo Stack Widget in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Plugin Happy Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-14232 · Unknown · Funnelkit Checkout

Name of the Vulnerable Software and Affected Versions: FunnelKit Checkout versions 3.10.3 and earlier Description: A Missing Authorization issue affects the software, potentially allowing unauthorized access. The estimated number of affected devices is not specified. There is no information about...