23 matches found
EUVD-2024-35490
Malicious code in bioql PyPI...
CVE-2024-35732
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH Custom Login yith-custom-login.This issue affects YITH Custom Login: from n/a through = 1.7.0...
CVE-2024-8665
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
BIT-WORDPRESS-2024-8665
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
BIT-WORDPRESS-MULTISITE-2024-8665
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8665
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8665
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8665 YITH Custom Login <= 1.7.3 - Reflected Cross-Site Scripting
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8665
CVE-2024-8665 affects the WordPress plugin YITH Custom Login and its vulnerability is a reflected Cross-Site Scripting (XSS) caused by using add_query_arg without proper escaping in the URL. The issue affects all versions up to and including 1.7.3. The vulnerability can allow unauthenticated atta...
CVE-2024-8665 YITH Custom Login <= 1.7.3 - Reflected Cross-Site Scripting
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
WordPress YITH Custom Login plugin <= 1.7.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin YITH Custom Login versions = 1.7.3...
PT-2024-39163 · Yith · Yith Custom Login
Name of the Vulnerable Software and Affected Versions: YITH Custom Login plugin for WordPress versions up to, and including, 1.7.3 Description: The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping o...
WordPress YITH Custom Login Plugin <= 1.7.3 is vulnerable to Cross Site Scripting (XSS)
Software YITH Custom Login Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.7.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8665 Patch priority Medium CVSS severity Medium 7.1 Developer YITH PSID 91c2ea88e903 Credits vgo0 Required privilege...
WordPress plugin YITH Custom Login 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-35732
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH Custom Login yith-custom-login.This issue affects YITH Custom Login: from n/a through = 1.7.0...
CVE-2024-35732
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YITH YITH Custom Login allows Stored XSS.This issue affects YITH Custom Login: from n/a through 1.7.0...
CVE-2024-35732 WordPress YITH Custom Login plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH Custom Login yith-custom-login.This issue affects YITH Custom Login: from n/a through = 1.7.0...
CVE-2024-35732 WordPress YITH Custom Login plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH Custom Login yith-custom-login.This issue affects YITH Custom Login: from n/a through = 1.7.0...
CVE-2024-35732
CVE-2024-35732 is an XSS vulnerability in YITH Custom Login (Stored XSS) described as "Improper Neutralization of Input During Web Page Generation". The affected product is YITH Custom Login; affected range is from n/a through 1.7.0. Root cause per document: improper neutralization of input durin...
PT-2024-26684 · Yith · Yith Custom Login
Name of the Vulnerable Software and Affected Versions: YITH Custom Login versions 1.7.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For YI...