13 matches found
PT-2026-22085
Name of the Vulnerable Software and Affected Versions Drupal Anti-Spam by CleanTalk versions prior to 9.7.0 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which could allow for Cross-Site Scripting XSS attacks. The issue exist...
EUVD-2024-43983
Malicious code in bioql PyPI...
CVE-2024-22163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from...
Anubis 安全漏洞
Anubis is a tool by Xe Iaso Individual Developers. Anubis has a security vulnerability that stems from allowing administrators to protect bots from AI crawling tools by bot-checking heuristic algorithms and proof-of-work challenges to block crawling from multiple IP addresses...
Shield Security – Smart Bot Blocking & Intrusion Prevention Security < 18.5.10 - Unauthenticated Local File Inclusion
Description The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and...
CVE-2023-6989
The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP...
CVE-2023-6989 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 18.5.9 - Unauthenticated Local File Inclusion
The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP...
CVE-2024-22163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from...
CVE-2024-22163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from...
CVE-2024-22163 WordPress Shield Security Plugin <= 18.5.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from...
CVE-2024-22163
CVE-2024-22163 is a stored XSS vulnerability in the WordPress Shield Security plugin (Shield Security – Smart Bot Blocking & Intrusion Prevention Security)
CVE-2022-1165
The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...