EUVD-2015-1122

Malware in sbrugna...

EUVD-2024-49947

Malicious code in bioql PyPI...

CVE-2024-9452

The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inje...

CVE-2015-10112

A vulnerability classified as problematic has been found in WooFramework Branding Plugin up to 1.0.1 on WordPress. Affected is the function adminscreenlogic of the file wooframework-branding.php. The manipulation of the argument url leads to open redirect. It is possible to launch the attack...

CVE-2024-52438 WordPress de:branding plugin <= 1.0.2 - Privilege Escalation vulnerability

Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows Privilege Escalation.This issue affects de:branding: from n/a through 1.0.2...

WordPress de:branding plugin <= 1.0.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin de:branding versions = 1.0.2...

CVE-2024-9452

The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inje...

CVE-2024-9452

The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inje...

CVE-2024-9452 Branding <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inje...

CVE-2024-9452

CVE-2024-9452 (Branding plugin for WordPress) is a stored XSS vulnerability that affects all versions up to 1.0, enabling an authenticated attacker with Author-level access or higher to inject script via SVG file uploads. The available connected documents confirm the root cause as insufficient in...

WordPress plugin Branding 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Branding plugin <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Branding versions = 1.0...

PT-2024-39642 · WordPress · Branding Plugin

Name of the Vulnerable Software and Affected Versions: Branding plugin for WordPress versions up to, and including, 1.0 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This allows authenticated...

CVE-2015-10112

A vulnerability classified as problematic has been found in WooFramework Branding Plugin up to 1.0.1 on WordPress. Affected is the function adminscreenlogic of the file wooframework-branding.php. The manipulation of the argument url leads to open redirect. It is possible to launch the attack...

CVE-2015-10112 WooFramework Branding Plugin wooframework-branding.php admin_screen_logic redirect

A vulnerability classified as problematic has been found in WooFramework Branding Plugin up to 1.0.1 on WordPress. Affected is the function adminscreenlogic of the file wooframework-branding.php. The manipulation of the argument url leads to open redirect. It is possible to launch the attack...

CVE-2015-10112

CVE-2015-10112 affects the WordPress plugin WooFramework Branding up to version 1.0.1. The vulnerability resides in the function admin_screen_logic of wooframework-branding.php, where manipulation of the url argument enables an open redirect. This can be triggered remotely. The recommended remedi...

PT-2023-10290 · WordPress · Wooframework Branding Plugin

Name of the Vulnerable Software and Affected Versions: WooFramework Branding Plugin versions up to 1.0.1 Description: A problematic vulnerability has been found in the WooFramework Branding Plugin on WordPress. The issue affects the admin screen logic function of the file wooframework-branding.ph...

wordpress plugin funny-branding cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the wordpress plugin funny-branding, which allows an attacker to frame malicio...