
2672 matches found

OSSF Malicious Packages
added 2022/06/20 8:22 p.m., 2 views

Malicious code in mitui-comp-follow-button (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ec2258f4ac3890208ab0a86cfa7870e80a344822c1754abc483caa4d7aede97 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 1

OSV
added 2022/06/20 8:20 p.m., 7 views

MAL-2022-308 Malicious code in @harrysforge/button (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0ad11572f55c827262447cd0c1170bceee7eb0e9dc4feb1e492ce378725f5d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0, References 1

OSSF Malicious Packages
added 2022/06/20 8:20 p.m., 3 views

Malicious code in @harrysforge/button (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0ad11572f55c827262447cd0c1170bceee7eb0e9dc4feb1e492ce378725f5d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 1

OSSF Malicious Packages
added 2022/06/20 8:20 p.m., 2 views

Malicious code in buy-button-storefront (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e4b8b996702ddd85ace1d3199b515bf69d94da28c2ef23e096944093eaaa46b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 1

OSV
added 2022/06/20 8:20 p.m., 5 views

MAL-2022-1733 Malicious code in buy-button-storefront (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e4b8b996702ddd85ace1d3199b515bf69d94da28c2ef23e096944093eaaa46b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0, References 1

OSSF Malicious Packages
added 2022/06/20 8:9 p.m., 3 views

Malicious code in brock-react-button (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e5501b5519eb60173c8b4749356fa44ebfa4755d907ce53f9e0c7a2c491ff8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 1

OSV
added 2022/06/20 11:15 a.m., 2 views

CVE-2022-0663

The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

4.8 CVSS, 5.8 AI score, 0.00282 EPSS
Exploits 2, References 1

ATTACKERKB
added 2022/06/20 11:15 a.m., 5 views

CVE-2022-0663

The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

4.8 CVSS, 5.5 AI score, 0.00282 EPSS
Exploits 2, References 2

Patchstack
added 2022/06/16 12:0 a.m., 19 views

WordPress Button Widget Smartsoft plugin <= 1.0.1 - Cross-Site Request Forgery (CSRF) vulnerability to Cross-Site Scripting (XSS)

Cross-Site Request Forgery (CSRF) vulnerability to Cross-Site Scripting (XSS) was discovered by Ryo Onodera (Cryptography Laboratory, Tokyo Denki University) in the WordPress Button Widget Smartsoft plugin (versions <= 1.0.1). Solution: Deactivate and delete. This plugin has been closed as of June 8, 2022 a...

8.8 CVSS, 1.8 AI score, 0.00252 EPSS
Exploits 0, References 1, Affected Software 1

CNVD
added 2022/06/15 12:0 a.m., 26 views

WordPress Like Button Rating plugin Access Control Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An access control error...

6.5 CVSS, 6.4 AI score, 0.00277 EPSS
Exploits 2, References 1

OSV
added 2022/06/13 1:15 p.m., 1 views

CVE-2022-0745

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...

6.5 CVSS, 5.9 AI score, 0.00277 EPSS
Exploits 2, References 1

ATTACKERKB
added 2022/06/13 1:15 p.m., 5 views

CVE-2022-0745

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...

6.5 CVSS, 5.6 AI score, 0.00277 EPSS
Exploits 2, References 2

NVD
added 2022/06/13 1:15 p.m., 11 views

CVE-2022-0745

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...

6.5 CVSS, 0.00277 EPSS
Exploits 2, References 1

Prion
added 2022/06/13 1:15 p.m., 14 views

Information disclosure

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...

4 CVSS, 6.5 AI score, 0.00277 EPSS
Exploits 2, References 1, Affected Software 1

CVE
added 2022/06/13 12:41 p.m., 71 views

CVE-2022-0745

CVE-2022-0745 affects the WordPress plugin “Like Button Rating” (LikeBtn). Connected documents confirm that versions prior to 2.6.45 allow any logged-in user (e.g., a subscriber) to send arbitrary emails to any recipient with arbitrary subject and body, via the plugin’s exposed functionality (e.g...

6.5 CVSS, 6.5 AI score, 0.00277 EPSS
Exploits 2, References 1, Affected Software 1

CNNVD
added 2022/06/13 12:0 a.m., 2 views

WordPress plugin Like Button Rating security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An access control error...

6.5 CVSS, 5.9 AI score, 0.00277 EPSS
Exploits 2, References 2

OSV
added 2022/06/10 5:15 p.m., 2 views

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

4.6 CVSS, 5.8 AI score
Exploits 0, References 3

OSV
added 2022/06/07 6:15 p.m., 2 views

CVE-2020-36524

A vulnerability was found in Refined Toolkit. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI-Image/UI-Button. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publ...

5.4 CVSS, 3.7 AI score
Exploits 0, References 2

NVD
added 2022/06/07 6:15 p.m., 7 views

CVE-2020-36524

A vulnerability was found in Refined Toolkit. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI-Image/UI-Button. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publ...

5.4 CVSS, 0.00206 EPSS
Exploits 1, References 2

Prion
added 2022/06/07 6:15 p.m., 21 views

Cross site scripting

A vulnerability was found in Refined Toolkit. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI-Image/UI-Button. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the publ...

3.5 CVSS, 5.2 AI score, 0.00206 EPSS
Exploits 1, References 2, Affected Software 1