WordPress tagDiv Opt-In Builder plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin tagDiv Opt-In Builder versions = 1.7.3...

WordPress plugin WP Twitter Auto Publish 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A cross-site...

CVE-2025-58985

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through = 1.7.3...

CVE-2023-30846

typed-rest-client is a library for Node Rest and Http Clients with typings for use with TypeScript. Users of the typed-rest-client library version 1.7.3 or lower are vulnerable to leak authentication data to 3rd parties. The flow of the vulnerability is as follows: First, send any request with...

PT-2024-23893 · WordPress · Wp Server Health Stats

Name of the Vulnerable Software and Affected Versions: WP Server Health Stats versions 1.7.3 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...

PT-2020-13371 · Hashicorp +1 · Hashicorp Consul +2

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.4.0 through 1.6.5 HashiCorp Consul and Consul Enterprise versions 1.7.0 through 1.7.3 Description: The issue arises from the improper enforcement of scope for local tokens issued by a primary...

Westermo MRD-315 Information Disclosure Vulnerability

The Westermo MRD-315 is a 3G wireless router from Westermo, Sweden. An information disclosure vulnerability exists in the Westermo MRD-315 version 1.7.3 and version 1.7.4. The vulnerability stems from a configuration or other error in the operation of a network system or product. An attacker coul...

CVE-2018-0605

Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Ubiquiti Networks EdgeSwitch Code Execution Vulnerability (CNVD-2018-11987)

The Ubiquiti EdgeSwitch is a Gigabit network switch device from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti EdgeSwitch 1.7.3 and earlier versions, which stems from the program's lack of protection for the admin CLI. An attacker could exploit the vulnerability to execute co...

Joomla! cross-site scripting vulnerability (CNVD-2017-22326)

Joomla! CMS is a U.S. Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A cross-site scripting vulnerability exists in Joomla! CMS versions 1.7.3 to 3.7.2, which stems from a lack of cross-site...

Joomla! sensitive information disclosure vulnerability (CNVD-2017-22325)

Joomla! CMS is a U.S. Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A security vulnerability exists in Joomla! CMS versions 1.7.3 through 3.7.2, which is caused by the program failing to...

PT-2015-4526 · Django +1 · Django +1

Name of the Vulnerable Software and Affected Versions: Django versions 1.4.17 and earlier Django versions 1.6.x before 1.6.10 Django versions 1.7.x before 1.7.3 Description: The issue allows remote attackers to spoof WSGI headers by using an underscore character instead of a - dash character in a...