16 matches found
WordPress EmbedPress plugin <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin EmbedPress versions <= 3.9.14...
CVE-2022-42919 affecting package python3 for versions less than 3.9.19-1
CVE-2022-42919 affecting package python3 for versions less than 3.9.19-1. A patched version of the package is available...
WordPress Plugin EmbedPress Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
PT-2024-24570 · WordPress · Embedpress
Name of the Vulnerable Software and Affected Versions: EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress versions up to, and including, 3.9.14 Description: The issue arises from insufficient...
WordPress EmbedPress plugin <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability discovered by wesley wcraft in WordPress Plugin EmbedPress versions <= 3.9.14...
CVE-2024-3245
The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Youtube block in all versions up to, and including, 3.9.14 due to insufficie...
CVE-2024-3245
The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Youtube block in all versions up to, and including, 3.9.14 due to insufficie...
CVE-2023-24329 affecting package python3 for versions less than 3.9.14-8
CVE-2023-24329 affecting package python3 for versions less than 3.9.14-8. A patched version of the package is available...
CVE-2023-2031
The Locatoraid Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 3.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2023-17428 · WordPress · Locatoraid Store Locator
Name of the Vulnerable Software and Affected Versions: Locatoraid Store Locator plugin for WordPress versions up to, and including, 3.9.14 Description: The issue is related to Stored Cross-Site Scripting via the plugin's shortcodes due to insufficient input sanitization and output escaping on use...
WordPress Locatoraid Store Locator Plugin <= 3.9.14 is vulnerable to Cross Site Scripting (XSS)
Software: Locatoraid Store Locator; Type: Plugin; Vulnerable versions: <= 3.9.14; Fixed in: 3.9.15; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-2031; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: Claim ownership; PSID: c58a334fcc5f; Credits: Alex...
SUSE-SU-2022:3485-1 Security update for python39
This update for python39 fixes the following issues: python39 was updated to version 3.9.14: - CVE-2020-10735: Fixed DoS due to int type in PyLong_FromString not limiting amount of digits when converting text to int (bsc#1203125). - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP...
CVE-2019-19845
In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure...
CVE-2019-19846
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors...
Joomla 2.5.x < 3.9.14 Multiple Vulnerabilities (5781-joomla-3-9-14)
According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.14. It is, therefore, affected by multiple vulnerabilities. - Missing access check in framework files could lead to a path disclosure. (CVE-2019-19845) - The lack of validation of...
Joomla! Core Multiple SQL Injection and Information Disclosure Vulnerabilities
Description: Joomla! Core is prone to an information-disclosure vulnerability and SQL-injection vulnerability. An attacker can exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database and gain access to sensitive...