EUVD-2023-44915

Malicious code in bioql PyPI...

CVE-2023-40328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Carrrot plugin = 1.1.0 versions...

CVE-2023-40328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Carrrot plugin = 1.1.0 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Carrrot plugin = 1.1.0 versions...

CVE-2023-40328

The CVE-2023-40328 entry concerns Carrrot WordPress plugin versions ≤ 1.1.0, with an authenticated admin+ Stored XSS vulnerability. Root cause: improper handling/escaping of parameters that allows stored XSS when an admin+ user loads the affected page. Impact is described as cross-site scripting ...

WordPress plugin carrrot cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2023-27389 · Carrot · Carrot

Name of the Vulnerable Software and Affected Versions: Carrrot plugin versions = 1.1.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability affects the Carrrot plugin and can be exploited by an...