6 matches found
WordPress Stumble! for WordPress plugin <= 1.1.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Stumble! for WordPress versions = 1.1.1...
WordPress TrustedLogin Vendor Plugin < 1.1.1 is vulnerable to Sensitive Data Exposure
Software TrustedLogin Vendor Type Plugin Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2024-37270 Patch priority Low CVSS severity Low 5.3 Developer TrustedLogin PSID d31d0f132840 Credits Dhabaleshwar Das Require...
Uvdesk Cross-Site Scripting Vulnerability
Uvdesk is a complete ticket support system open source by Uvdesk India. A security vulnerability exists in Uvdesk v1.1.1. An attacker exploits this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the Message field when creating a ticket...
WordPress CRM Perks Forms Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)
Software CRM Perks Forms Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2836 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 82373127ce0e Credits Unknown Required privile...
moleculer-rabbitmq-extend-delay (=1.1.12) potentially affected by CVE-2020-7715 +1 more via deep-get-set (=1.1.1)
deep-get-set NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on deep-get-set and may be impacted: - moleculer-rabbitmq-extend-delay =1.1.12 Source cves: CVE-2020-7715, CVE-2022-21231 Source advisory: SNYK:JS-DEEPGETSET-2342655...
XSS in GOT.MY CLASSMATES
Product: CLASSMATES Vendor: http://www.got.my http://www.got.my/CLASSMATES/ Vulnerable Version: 1.1.1 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The...