70 matches found
EUVD-2023-28442
Malicious code in bioql PyPI...
EUVD-2023-38151
Malicious code in bioql PyPI...
CVE-2023-24386
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
CVE-2025-28907
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rahul Arora WP Last Modified wp-last-modified allows Stored XSS.This issue affects WP Last Modified: from n/a through = 0.1...
CVE-2023-34027
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a through 1.0.0...
CVE-2023-34027 WordPress Recently Viewed Products Plugin <= 1.0.0 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a through 1.0.0...
CVE-2023-34027
CVE-2023-34027: WordPress Recently Viewed Products plugin ≤1.0.0 is reported vulnerable to unauthenticated PHP object injection (deserialization of untrusted data). Public sources in the connected documents identify the affected software and version range, with the vulnerability title/description...
WordPress Dashboard Widgets Suite Plugin <= 3.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Dashboard Widgets Suite Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49743 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c6ab0c656b0c Credits Rachit Arora Required privileg...
CVE-2023-24386
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
CVE-2023-24386
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
CVE-2023-24386
The CVE refers to a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin “Karishma Arora AI Contact Us Form” versions <= 1.0. The issue is described as Auth. (admin+) XSS, indicating that authenticated users with admin-level privileges can exploit it. The root cause document...
CVE-2023-24386 WordPress AI Contact Us Form Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
PT-2023-19547 · Unknown · Karishma Arora Ai Contact Us Form
Name of the Vulnerable Software and Affected Versions: Karishma Arora AI Contact Us Form plugin versions 1.0 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. This vulnerability can be...
SUSE CVE-2011-3367
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...
WordPress FormCraft Basic plugin <= 1.2.5 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Chiragh Arora in WordPress FormCraft Basic plugin versions = 1.2.5. Solution Update the WordPress FormCraft Basic plugin to the latest available version at least 1.2.6...
Tenda AC5 AC1200 Wireless Cross Site Scripting
Exploit Title: Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting Exploit Author: Chiragh Arora Hardware Model: Tenda AC5 AC1200 Firmware version: V15.03.06.47multi Tested on: Kali Linux CVE ID: CVE-2021-3186 Date: 25.01.2021 Steps to Reproduce - - Navigate to the Tend...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.6 - perf/hwbp: Simplify the perf-hwbp code, fix documentation Linus Torvalds Orabug: 27947608 CVE-2018-100199 3.8.13-118.20.5 - x86/microcode: probe CPU features on microcode update Ankur Arora Orabug: 27806667 - x86/microcode: microcodewrite should not reference...
aroraenterprisespvtltd.com XSS vulnerability
Open Bug Bounty ID: OBB-294933 Description| Value ---|--- Affected Website:| aroraenterprisespvtltd.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
arora-design.co.uk XSS vulnerability
Vulnerable URL: http://www.arora-design.co.uk/storelocator/storelocatorresults.php?lat=56.002342=-3.820717=Fk1+4qb=%3C/script%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 09:08 GMT...