12 matches found
EUVD-2022-49946
Malicious code in bioql PyPI...
CVE-2022-47171
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paul C. Schroeder IP Vault – WP Firewall plugin = 1.1 versions...
CVE-2022-4536
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2022-4536 IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2022-4536 IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
PT-2024-11706 · WordPress · The Ip Vault – Wp Firewall
Name of the Vulnerable Software and Affected Versions: The IP Vault – WP Firewall plugin for WordPress versions up to, and including, 1.1 Description: The issue is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions...
CVE-2022-47171
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paul C. Schroeder IP Vault – WP Firewall plugin = 1.1 versions...
CVE-2022-47171
CVE-2022-47171 affects the Paul C. Schroeder IP Vault – WP Firewall plugin for WordPress, specifically versions <= 1.1. The issue is a Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Impact is described as low severity with Privilege...
CVE-2022-47171 WordPress IP Vault – WP Firewall Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paul C. Schroeder IP Vault – WP Firewall plugin = 1.1 versions...
PT-2023-15214 · Paul C. Schroeder · The Ip Vault – Wp Firewall
Name of the Vulnerable Software and Affected Versions: Paul C. Schroeder IP Vault – WP Firewall plugin versions prior to 1.2 Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. Recommendations: For versions prio...
WordPress IP Vault – WP Firewall Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software IP Vault – WP Firewall Type Plugin Vulnerable versions = 1.1 Fixed in 2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47171 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 98996a8ae2cc Credits rezaduty Required...
IP Vault - WP Firewall <= 1.1 - Admin+ Stored XSS
The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...