CVE-2023-49159

Server-Side Request Forgery SSRF vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4...

EUVD-2013-1447

Malware in sbrugna...

EUVD-2023-53164

Malicious code in bioql PyPI...

CVE-2023-49159

Server-Side Request Forgery SSRF vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4...

CVE-2023-49159

Server-Side Request Forgery SSRF vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4...

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4...

CVE-2023-49159 WordPress CommentLuv Plugin <= 3.0.4 is vulnerable to Server Side Request Forgery (SSRF)

Server-Side Request Forgery SSRF vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4...

CVE-2023-49159

CVE-2023-49159 affects the WordPress CommentLuv plugin (vulnerable up to 3.0.4). The issue is Server-Side Request Forgery (SSRF) that can cause the server to make unintended requests. Public sources (NVD, Red Hat, Patchstack, Wordfence) identify this entry and indicate there is no patched version...

WordPress Plugin CommentLuv Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress CommentLuv Plugin <= 4 is vulnerable to Server Side Request Forgery (SSRF)

Software CommentLuv Type Plugin Vulnerable versions = 4 Fixed in N/A OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2023-49159 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 30f6e52299e3 Credits Yuchen Ji Require...

CommentLuv 2.92.3 - Cross Site Scripting

The CommentLuv WordPress plugin was affected by a Cross Site Scripting security vulnerability...

WordPress CommentLuv Plugin '_ajax_nonce' Cross-Site Scripting Vulnerability

WordPress CommentLuv Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2013-1409

Cross-site scripting XSS vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxnonce parameter to wp-admin/admin-ajax.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxnonce parameter to wp-admin/admin-ajax.php...

CVE-2013-1409

CVE-2013-1409 affects the WordPress CommentLuv plugin prior to 2.92.4. The vulnerability is a cross-site scripting (XSS) flaw in the _ajax_nonce parameter passed to wp-admin/admin-ajax.php, allowing an attacker to inject arbitrary script/HTML. CVSSv2 base score listed as 4.3 (Medium) with I-P imp...

CVE-2013-1409

Cross-site scripting XSS vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxnonce parameter to wp-admin/admin-ajax.php...

Cross-Site Scripting &#40;XSS&#41; Vulnerability in CommentLuv WordPress Plugin

Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...

WordPress CommentLuv 2.92.3 Cross Site Scripting Vulnerability

WordPress CommentLuv version 2.92.3 suffers from a cross site scripting vulnerability. Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public...

WordPress CommentLuv Plugin - Cross Site Scripting

WordPress CommentLuv plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...

WordPress Plugin CommentLuv - &#039;_ajax_nonce&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/57771/info The CommentLuv plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...