EUVD-2022-24932

Malicious code in bioql PyPI...

CVE-2022-1645

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

WordPress Amazon Link plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Amazon Link plugin 3.2.10 and earlier versions have a cross-site scripting vulnerability th...

CVE-2022-1645

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2022-1645

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2022-1645

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

Cross site scripting

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2022-1645

CVE-2022-1645 affects the WordPress Amazon Link plugin up to version 3.2.10. The vulnerability stems from inadequate sanitisation/escaping of certain settings, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Multiple sources (NV...

CVE-2022-1645 Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting

The Amazon Link WordPress plugin through 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

WordPress plugin Amazon Link 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Amazon Link plugin 3.2.10 and earlier versions have a cross-site scripting vulnerability th...

WordPress Amazon Link plugin <= 3.2.10 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability was discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in the WordPress Amazon Link plugin versions = 3.2.10. Solution Deactivate and delete. This plugin has been closed as of April 14, 2022 and is not available for download. This closur...

Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. Put the following payload in settings such as the "AWS Public Key": "...

Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. PoC Put the following payload in settings such as the "AWS Public Key": "...

Be wary of Mega Millions winner “giveaway” on social media

I don't do lotteries, but if I did, I'd probably never, ever win in a million years. That's not a problem faced by 20-year-old Shane Missler, winner of the fourth-largest haul in Mega Millions' 21 years of handing out large bundles of cash. He's on record as saying he wants to "do some good" for...