4 matches found
EUVD-2025-15261
Malicious code in bioql PyPI...
CVE-2024-7769 Wordpress Clicksold IDX Plugin <= 1.90 - Admin+ XSS
The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-7769 Wordpress Clicksold IDX Plugin <= 1.90 - Admin+ XSS
The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2025-21504 · WordPress · Clicksold Idx Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: ClickSold IDX WordPress plugin versions 1.90 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and...