8 matches found
EUVD-2024-35445
Malicious code in bioql PyPI...
CVE-2024-35686
Missing Authorization vulnerability in Automattic Sensei LMS, Automattic Sensei Pro WC Paid Courses.This issue affects Sensei LMS: from n/a through 4.23.1; Sensei Pro WC Paid Courses: from n/a through 4.23.1.1.23.1...
CVE-2024-34765 WordPress Sensei Pro (WC Paid Courses) plugin <= 4.23.1.1.23.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Sensei Sensei Pro WC Paid Courses allows Stored XSS.This issue affects Sensei Pro WC Paid Courses: from n/a through 4.23.1.1.23.1...
CVE-2024-34765 WordPress Sensei Pro (WC Paid Courses) plugin <= 4.23.1.1.23.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Sensei Sensei Pro WC Paid Courses allows Stored XSS.This issue affects Sensei Pro WC Paid Courses: from n/a through 4.23.1.1.23.1...
CVE-2024-34765
CVE-2024-34765 is a Stored XSS in Sensei Pro (WC Paid Courses) for Sensei LMS, affecting Sensei Pro: from n/a through 4.23.1.1.23.1. Red Hat’s advisory reiterates the same description. The initial data indicates this requires updating Sensei Pro to a fixed version (4.23.1.1.23.1) to mitigate the ...
WordPress Sensei Pro (WC Paid Courses) plugin <= 4.23.1.1.23.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Sensei Pro WC Paid Courses versions = 4.23.1.1.23.1...
WordPress Sensei Pro (WC Paid Courses) Plugin <= 4.23.1.1.23.1 is vulnerable to Cross Site Scripting (XSS)
Software Sensei Pro WC Paid Courses Type Plugin Vulnerable versions = 4.23.1.1.23.1 Fixed in 4.24.0.1.24.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34765 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ffa624f39abc Credits Rafie...
WordPress Sensei Pro (WC Paid Courses) Plugin <= 4.23.1.1.23.1 is vulnerable to Broken Access Control
Software Sensei Pro WC Paid Courses Type Plugin Vulnerable versions = 4.23.1.1.23.1 Fixed in 4.24.0.1.24.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5a225c011e38 Credits...