12 matches found
EUVD-2024-36878
Malicious code in bioql PyPI...
CVE-2024-37918
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through = 1.4.8...
CVE-2024-37918
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through = 1.4.8...
CVE-2024-37918 WordPress ConeBlog plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through = 1.4.8...
CVE-2024-37918
CVE-2024-37918 affects ConeBlog – WordPress Blog Widgets (ConeBlog Widgets) for WordPress. Described as an stored XSS due to Improper Neutralization of Input During Web Page Generation, impacting ConeBlog Widgets versions from n/a through 1.4.8. The connected records confirm the same vulnerabilit...
CVE-2024-37918 WordPress ConeBlog plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through = 1.4.8...
PT-2024-27823 · WordPress · Coneblog – Wordpress Blog Widgets
Name of the Vulnerable Software and Affected Versions: ConeBlog – WordPress Blog Widgets versions 1.4.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
WordPress ConeBlog plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin ConeBlog – WordPress Blog Widgets versions = 1.4.8...
WordPress ConeBlog – WordPress Blog Widgets Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)
Software ConeBlog – WordPress Blog Widgets Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37918 Patch priority Low CVSS severity Low 6.5 Developer WP Cone PSID 955179e335e5 Credits João Pedro S Alcântara Kinor...
WordPress ConeBlog – WordPress Blog Widgets Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)
Software ConeBlog – WordPress Blog Widgets Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WP Cone PSID 46d2d31b4e72 Credits Rafie Muhammad...
WordPress ConeBlog – WordPress Blog Widgets plugin <= 1.4.5 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress ConeBlog – WordPress Blog Widgets plugin versions = 1.4.5. Solution Update the WordPress ConeBlog – WordPress Blog Widgets plugin to the latest available version at least 1.4.6...
WordPress ConeBlog – WordPress Blog Widgets plugin <= 1.4.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress ConeBlog – WordPress Blog Widgets plugin versions = 1.4.5. Solution Update the WordPress ConeBlog – WordPress Blog Widgets plugin to the latest available version at least 1.4.6...