19 matches found
EUVD-2022-39965
Malicious code in bioql PyPI...
EUVD-2022-39079
Malicious code in bioql PyPI...
CVE-2022-37330
Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in WHA Crossword plugin = 1.1.10 at WordPress...
CVE-2022-37330
Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in WHA Crossword plugin = 1.1.10 at WordPress...
CVE-2022-37330
CVE-2022-37330 affects the WordPress WHA Crossword plugin 1.1.10 and earlier. The issue is an authenticated Stored Cross-Site Scripting (XSS) vulnerability where parameters are not properly sanitised/escaped, enabling a Contributor+ to inject script that could affect other users. The root cause i...
CVE-2022-37330 WordPress WHA Crossword plugin <= 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in WHA Crossword plugin = 1.1.10 at WordPress...
CVE-2022-37330 WordPress WHA Crossword plugin <= 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in WHA Crossword plugin = 1.1.10 at WordPress...
PT-2022-23930 · Unknown · Wha Crossword Plugin
Name of the Vulnerable Software and Affected Versions: WHA Crossword plugin version 1.1.10 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with contributor or higher privileges can inject malicious script...
WordPress plugin WHA Crossword 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2022-36365
Multiple Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerabilities in WHA Crossword plugin = 1.1.10 at WordPress...
CVE-2022-36365
Multiple Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerabilities in WHA Crossword plugin = 1.1.10 at WordPress...
Cross site scripting
Multiple Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerabilities in WHA Crossword plugin = 1.1.10 at WordPress...
CVE-2022-36365
CVE-2022-36365 affects the WordPress plugin WHA Crossword up to version 1.1.10 . The issue is described as multiple authenticated stored XSS vulnerabilities (contributor+ level) arising from insufficient input sanitization/escaping, enabling an attacker with at least contributor privileges to inj...
CVE-2022-36365 WordPress WHA Crossword plugin <= 1.1.10 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerabilities in WHA Crossword plugin = 1.1.10 at WordPress...
PT-2022-23330 · Unknown · Wha Crossword Plugin
Name of the Vulnerable Software and Affected Versions: WHA Crossword plugin versions 1.1.10 and earlier Description: The issue concerns multiple authenticated Stored Cross-Site Scripting XSS vulnerabilities. These vulnerabilities can be exploited by contributors or users with higher privileges. T...
WordPress plugin WHA Crossword 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WHA Crossword <= 1.1.10 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
WordPress WHA Crossword plugin <= 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress WHA Crossword plugin versions = 1.1.10. Solution Deactivate and delete. No reply from the vendor...
WordPress WHA Crossword plugin <= 1.1.10 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Vlad Vector Patchstack in the WordPress WHA Crossword plugin versions = 1.1.10. Solution Deactivate and delete. No reply from the vendor...