WordPress CodeKit – Custom Codes Editor Plugin < 2.3.6 is vulnerable to Cross Site Scripting (XSS)

Software CodeKit – Custom Codes Editor Type Plugin Vulnerable versions 2.3.6 Fixed in 2.3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fe5c4dee3953 Credits Rafie Muhammad...

Malicious code in att-codekit (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 004ba0a87bf93fad7e23fc134ea62c1fad90d2917fff3ad6ca64a87adf16f69d The OpenSSF Package Analysis project identified 'att-codekit' @ 5.1.0 rubygems as malicious. It is considered malicious because: - The package...

MAL-2023-1423 Malicious code in att-codekit (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 004ba0a87bf93fad7e23fc134ea62c1fad90d2917fff3ad6ca64a87adf16f69d The OpenSSF Package Analysis project identified 'att-codekit' @ 5.1.0 rubygems as malicious. It is considered malicious because: - The package...

WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...

WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...