WordPress plugin Amelia 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Like Button Rating LikeBtn plugin <= 2.6.53 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin Like Button Rating versions = 2.6.53...

WordPress Like Button Rating Plugin <= 2.6.53 is vulnerable to Cross Site Request Forgery (CSRF)

Software Like Button Rating Type Plugin Vulnerable versions = 2.6.53 Fixed in 2.6.54 OWASP Top 10 A3: Injection Classification Cross Site Request Forgery CSRF CVE CVE-2024-44064 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 604b9cb063a6 Credits Muhammad Daffa Required...

CVE-2024-6499

CVE-2024-6499 refers to the WordPress Button Plugin MaxButtons vulnerability. The MaxButtons plugin (WordPress Button Plugin MaxButtons) versions up to and including 9.7.8 expose full filesystem paths, enabling unauthenticated attackers to obtain instance paths. The risk is information exposure w...

WordPress plugin WordPress Button Plugin MaxButtons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Loan Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Loan Management System 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits...

CVE-2024-43236

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Scott Paterson Easy PayPal Buy Now Button.This issue affects Easy PayPal Buy Now Button: from n/a through 1.9...

CVE-2024-43236

CVE-2024-43236 is a URL Redirection to Untrusted Site vulnerability in the WordPress plugin Easy PayPal Buy Now Button (versions

CVE-2024-43236 WordPress Easy PayPal & Stripe Buy Now Button plugin <= 1.9 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Scott Paterson Easy PayPal Buy Now Button.This issue affects Easy PayPal Buy Now Button: from n/a through 1.9...

WordPress plugin Easy PayPal Buy Now Button 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

PT-2024-30399 · Unknown · Scott Paterson Easy Paypal Buy Now Button

Name of the Vulnerable Software and Affected Versions: Scott Paterson Easy PayPal Buy Now Button versions 1.9 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This vulnerability allows redirection to untrusted...

CVE-2024-43347

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in VirusTran Button contact VR allows Stored XSS.This issue affects Button contact VR: from n/a through 4.7.3...

CVE-2024-43347 WordPress Button contact VR plugin <= 4.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in VirusTran Button contact VR allows Stored XSS.This issue affects Button contact VR: from n/a through 4.7.3...

CVE-2024-43347 WordPress Button contact VR plugin <= 4.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in VirusTran Button contact VR allows Stored XSS.This issue affects Button contact VR: from n/a through 4.7.3...

CVE-2024-43347

CVE-2024-43347: Button contact VR, a WordPress plugin, is affected by a stored XSS due to improper input neutralization during web page generation. The issue reportedly affects Button contact VR versions up to 4.7.3 (initial note) and is tracked by references noting a later patched range (

WordPress plugin Button contact VR 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

PT-2024-30514 · Unknown · Virustran Button Contact Vr

Name of the Vulnerable Software and Affected Versions: VirusTran Button contact VR versions 4.7.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS Cross-site Scripting attacks. This means an attacker could...

WordPress Button contact VR plugin <= 4.7.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Button contact VR versions = 4.7.7...

WordPress Button contact VR Plugin <= 4.7.7 is vulnerable to Cross Site Scripting (XSS)

Software Button contact VR Type Plugin Vulnerable versions = 4.7.7 Fixed in 4.7.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43347 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6b921209fd5e Credits Cronus Required privilege...

Malicious code in uitk-react-experimental-button-tabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74d35a0704d9415d237418973ea82b6c991e02af5b2381fc696268805ff39a30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...