19 matches found
EUVD-2024-35222
Malicious code in bioql PyPI...
EUVD-2024-40238
Malicious code in bioql PyPI...
EUVD-2023-39083
Malicious code in bioql PyPI...
CVE-2024-43349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through = 1.3.19...
CVE-2024-35169
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through = 1.3.15...
CVE-2023-35047
Cross-Site Request Forgery CSRF vulnerability in AREOI All Bootstrap Blocks plugin = 1.3.6 versions...
CVE-2024-53824
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through = 1.3.19...
CVE-2024-53824
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through = 1.3.19...
CVE-2024-53824
CVE-2024-53824 – WordPress All Bootstrap Blocks plugin contains a Local File Inclusion due to improper filename handling in PHP include/require. Affected: All Bootstrap Blocks versions up to 1.3.19. Impact is high (CVE score 7.5, AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). Remediation: patch to 1.3.20 ...
CVE-2024-43349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through = 1.3.19...
CVE-2024-43349
CVE-2024-43349 is an XSS vulnerability in All Bootstrap Blocks for WordPress (vulnerable before 1.3.19). Root cause: improper neutralization of input during web page generation, enabling stored XSS. CVSSv3.1 base score 6.5 (Network, Low attack complexity, User interaction required, Privileges Low...
CVE-2024-35169
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through = 1.3.15...
CVE-2024-35169
CVE-2024-35169 is a Stored XSS vulnerability in the WordPress plugin All Bootstrap Blocks (AREOI All Bootstrap Blocks). Affected range is All Bootstrap Blocks up to version 1.3.15 (inclusive). The issue arises from improper neutralization of input during web page generation. Public references in ...
PT-2024-26350 · Unknown · Areoi All Bootstrap Blocks
Name of the Vulnerable Software and Affected Versions: AREOI All Bootstrap Blocks versions 1.3.15 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject...
CVE-2023-35047
Cross-Site Request Forgery CSRF vulnerability in AREOI All Bootstrap Blocks plugin = 1.3.6 versions...
CVE-2023-35047
Cross-Site Request Forgery CSRF vulnerability in AREOI All Bootstrap Blocks plugin = 1.3.6 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in AREOI All Bootstrap Blocks plugin = 1.3.6 versions...
CVE-2023-35047
CVE-2023-35047 : Cross-Site Request Forgery in the WordPress plugin All Bootstrap Blocks (AREOI)
WordPress All Bootstrap Blocks Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software All Bootstrap Blocks Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35047 Patch priority Low CVSS severity Low 4.3 Developer AREOI PSID 8b9a52ad65ee Credits LEE SE HYOUNG...