bashbuddy (>=0.2.0 <=0.2.1), boilerplate-x (>=0.1.1 <=0.2.8) +23 more potentially affected by CVE-2023-29374 via langchain (>=0.0.100 <=0.0.131)

langchain PYPI version =0.0.100, =0.2.0, =0.1.1, =0.0.0, =0.1.0, =0.0.1, =0.0.4, =10.9.15, =0.1.3, =0.3.0, =0.0.1, =0.0.13, =0.0.1, =0.0.40, =0.1.1, =0.0.1, =0.0.7 and more Source cves: CVE-2023-29374 Source advisory: OSV:GHSA-FPRP-P869-W6Q2...

CVE-2022-46848

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.1 versions...

CVE-2022-46848

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.1 versions...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.1 versions...

CVE-2022-46848 WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.1 versions...

CVE-2022-46848

CVE-2022-46848 affects the WordPress plugin Themeisle Visualizer: Tables and Charts Manager, versioned

PT-2023-15073 · Themeisle · Themeisle Visualizer

Name of the Vulnerable Software and Affected Versions: Themeisle Visualizer: Tables and Charts Manager for WordPress plugin versions = 3.9.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. It affects users with contributor or higher permissions. There is no...

WordPress plugin Visualizer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Debian: Security Advisory (DLA-768-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Visualizer < 3.9.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress Visualizer Plugin <= 3.9.4 is vulnerable to Cross Site Scripting (XSS)

Software Visualizer Type Plugin Vulnerable versions = 3.9.4 Fixed in 3.9.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23708 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d0daddcc471b Credits Rafshanzani Suhada Required...

SUSE CVE-2019-7609

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands...

Visualizer < 3.9.2 - Contributor+ Stored XSS

The plugin does not sanitise and escape some parameters in the renderChartPages function, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Visualizer Type Plugin Vulnerable versions = 3.9.1 Fixed in 3.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-46848 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5d57cada7c6d Credits Muhammad Daffa Required...

CVE-2022-2444

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

CVE-2022-2444

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

CVE-2022-2444

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

Deserialization of untrusted data

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

CVE-2022-2444 Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

WordPress plugin Visualizer 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...