18 matches found
EUVD-2022-48245
Malicious code in bioql PyPI...
CVE-2022-45348
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4...
CVE-2022-45348
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4...
Input validation
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4...
CVE-2022-45348 WordPress amr users plugin <= 4.59.4 - CSV Injection vulnerability
A vulnerability in anmari amr users amr-users.This issue affects amr users: from n/a through = 4.59.4...
CVE-2022-45348
CVE-2022-45348 refers to a vulnerability in the WordPress plugin amr users (versions
CVE-2022-45348 WordPress amr users Plugin <= 4.59.4 is vulnerable to CSV Injection
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4...
PT-2023-14643 · Amr · Amr
Name of the Vulnerable Software and Affected Versions: amr users versions 4.59.4 and earlier Description: The issue is related to the improper neutralization of formula elements in a CSV file, affecting amr users. Recommendations: For versions 4.59.4 and earlier, update to a version that contains...
WordPress Plugin amr-users Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress amr users Plugin <= 4.59.4 is vulnerable to CSV Injection
Software amr users Type Plugin Vulnerable versions = 4.59.4 Fixed in N/A OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-45348 Patch priority Low CVSS severity Low 5.8 Developer Claim ownership PSID af617aa8d2cb Credits Mika Required privilege Subscriber Published 22 March,...
WordPress plugin amr users跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin amr users version 4.59.4 has a cross-site scripting vulnerability that stems from a...
CVE-2022-1094
The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-1094 Amr Users < 4.59.4 - Admin+ Stored Cross-Site Scripting
The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress plugin amr users 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin amr users version 4.59.4 has a cross-site scripting vulnerability that stems from a...
PT-2022-13656 · WordPress · Amr Users
Name of the Vulnerable Software and Affected Versions: amr users WordPress plugin versions prior to 4.59.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not properly sanitised and...
Amr Users < 4.59.4 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the "Name of list" field in the User Lists...
Amr Users < 4.59.4 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Put the following payload in the "Name of list" field in the User Lists Overview ...
WordPress amr users plugin <= 4.59.3 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Ankur Bakre in WordPress amr users plugin versions = 4.59.3. Solution Update the WordPress amr users plugin to the latest available version at least 4.59.4...