9 matches found
EUVD-2010-5066
Malware in sbrugna...
EUVD-2021-11728
Malware in sbrugna...
EUVD-2023-34432
Malicious code in bioql PyPI...
CVE-2024-1745
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least the Author role to edit them...
CVE-2024-1333
The Responsive Pricing Table WordPress plugin before 5.1.11 does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the related shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting...
CVE-2024-11847
The wp-svg-upload WordPress plugin through 1.0.0 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks...
WordPress plugin Slide Anything Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Plugin Slider Revolution Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...
PT-2023-20306 · WordPress · Inventorypress
Name of the Vulnerable Software and Affected Versions: InventoryPress WordPress plugin versions 1.7 and earlier Description: The issue allows users with the role of author and above to perform Stored Cross-Site Scripting attacks due to the plugin not sanitising and escaping some of its settings...