12 matches found
EUVD-2023-46146
Malicious code in bioql PyPI...
EUVD-2023-46147
Malicious code in bioql PyPI...
CVE-2023-41654
Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions...
CVE-2023-41655
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions...
CVE-2023-41654
Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions...
CVE-2023-41654
Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions...
CVE-2023-41654
CVE-2023-41654 affects the WordPress plugin authLdap (versions <= 2.5.8). The issue is a Cross-Site Request Forgery (CSRF) vulnerability due to missing CSRF protection when updating settings. A fix is available in version 2.5.9; upgrading to that version mitigates the vulnerability. Other conn...
CVE-2023-41655
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions...
CVE-2023-41655
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions...
CVE-2023-41655
CVE-2023-41655 affects the WordPress plugin authLdap (by Andreas Heigl). Public records describe an Authenticated Stored Cross-Site Scripting (XSS) vulnerability exploitable by an Administrator (admin+) due to input handling in the plugin. Vulnerable versions are listed as
CVE-2023-41655 WordPress authLdap Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions...
PT-2023-28027 · Andreas Heigl · Authldap Plugin
Name of the Vulnerable Software and Affected Versions: Andreas Heigl authLdap plugin versions <= 2.5.9. Description: The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin+ privileges can inject malicious scripts into the...