WordPress plugin WordPress Tag Cloud Plugin – Tag Groups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Tag Cloud Plugin...

WordPress WP Cloud plugin <= 1.4.3 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by SOPROBRO in WordPress Plugin WP Cloud versions = 1.4.3...

WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress Tag Cloud Plugin - Tag Groups plugin = 2.0.4 - Reflected Cross Site Scripting XSS vulnerability discovered by minhtuanact Patchstack Alliance in WordPress Plugin WordPress Tag Cloud Plugin – Tag Groups versions = 2.0.4...

WordPress plugin WordPress Tag Cloud Plugin – Tag Groups 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-30400 · WordPress · Taxopress Wordpress Tag Cloud Plugin

Name of the Vulnerable Software and Affected Versions: TaxoPress WordPress Tag Cloud Plugin – Tag Groups versions through 2.0.3 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This affects the TaxoPress WordPress Tag Cloud Plugin, specifically...

WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WordPress Tag Cloud Plugin – Tag Groups versions = 2.0.3...

CVE-2024-7628 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.2 - Authentication Bypass to Account Takeover

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.15.2. This is due to the use of loose comparison in the 'verifyidtoken' function. This makes it possible for unauthenticated attackers to...

CVE-2015-10105

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function validjsidentifier of the file ipblacklistcloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...

Path traversal

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function validjsidentifier of the file ipblacklistcloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...

CVE-2015-10105

CVE-2015-10105 affects the WordPress IP Blacklist Cloud Plugin (CSV File Import) up to version 3.42, specifically the valid_js_identifier function in ip_blacklist_cloud.php. The vulnerability arises from improper handling of the filename argument, enabling path traversal and remote initiation of ...

CVE-2015-10105 IP Blacklist Cloud Plugin CSV File Import ip_blacklist_cloud.php valid_js_identifier path traversal

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function validjsidentifier of the file ipblacklistcloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...

PT-2023-10284 · WordPress · Ip Blacklist Cloud Plugin

Name of the Vulnerable Software and Affected Versions: IP Blacklist Cloud Plugin versions up to 3.42 Description: A critical vulnerability was found in the IP Blacklist Cloud Plugin on WordPress, affecting the valid js identifier function of the ip blacklist cloud.php file in the CSV File Import...

CVE-2022-42462

Auth. Stored Cross-Site Scripting XSS vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin = 5.00 versions...

CVE-2022-43462 WordPress IP Blacklist Cloud Plugin <= 5.00 is vulnerable to SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin = 5.00 versions...

IP Blacklist Cloud Plugin <= 5.00 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

WordPress IP Blacklist Cloud plugin <= 5.00 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Mika Patchstack Alliance in the WordPress IP Blacklist Cloud plugin versions = 5.00. Solution Deactivate and delete. This plugin has been closed as of September 28, 2022 and is not available for download. This closure is temporary, pending a fu...

CVE-2022-36417

Multiple Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability in 3D Tag Cloud plugin = 3.8 at WordPress...

WordPress plugin 3D Tag Cloud 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

GHSA-GRF8-94Q5-4PHX CSRF vulnerability and missing permission checks in Openstack Cloud Plugin allowed capturing credentials

A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JCloudsComputer.java, JCloudsPreCreationThread.java, JCloudsRetentionStrategy.java, JCloudsSlave.java,...

CSRF vulnerability and missing permission checks in Openstack Cloud Plugin allowed capturing credentials

A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JCloudsComputer.java, JCloudsPreCreationThread.java, JCloudsRetentionStrategy.java, JCloudsSlave.java,...