39 matches found
EUVD-2023-59058
Malicious code in bioql PyPI...
EUVD-2024-46557
Malicious code in bioql PyPI...
EUVD-2024-46556
Malicious code in bioql PyPI...
CVE-2024-5330
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-5331
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to export form submissions...
CVE-2023-6854
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom postmeta output in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping on user supplied post meta fields. This makes it possible for authenticat...
CVE-2024-4605
The Breakdance plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.7.1 via post meta data. This is due to the plugin storing custom data in metadata without an underscore prefix. This makes it possible for lower privileged users, such as contributor...
CVE-2024-5330
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-5331
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to export form submissions...
CVE-2024-5330
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-5330
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-5331
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to export form submissions...
CVE-2024-5331 Breakdance <= 1.7.2 - Missing Authorization
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to export form submissions...
CVE-2024-5330
The CVE-2024-5330 entry concerns the Breakdance WordPress plugin (versions
CVE-2024-5330 Breakdance <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-5330 Breakdance <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdancecssfilepathscache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Breakdance plugin <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Breakdance versions = 1.7.2...
WordPress Breakdance plugin <= 1.7.2 - Missing Authorization vulnerability
Missing Authorization vulnerability discovered by Francesco Carlucci in WordPress Plugin Breakdance versions = 1.7.1...
PT-2024-35718 · WordPress · Breakdance
Name of the Vulnerable Software and Affected Versions: Breakdance plugin for WordPress versions up to, and including, 1.7.2 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers with...
WordPress plugin Breakdance 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...