21 matches found
EUVD-2017-8262
Malware in sbrugna...
EUVD-2024-22291
Malicious code in bioql PyPI...
CVE-2024-24928
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
MAL-2024-1840 Malicious code in braze-content-cards-inbox (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in braze-content-cards-inbox (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-24928
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
CVE-2024-24928
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
CVE-2024-24928
CVE-2024-24928 affects the WordPress plugin Content Cards (versions up to 0.9.7). The issue is an unauthorized input handling flaw that enables Stored XSS via shortcode when rendering pages, due to insufficient input sanitization/output escaping by the plugin. The Wordfence vulnerability record f...
CVE-2024-24928 WordPress Content Cards Plugin <= 0.9.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
CVE-2024-24928 WordPress Content Cards Plugin <= 0.9.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
WordPress Plugin Content Cards Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Content Cards <= 0.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Description The Content Cards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 0.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Content Cards Plugin <= 0.9.7 is vulnerable to Cross Site Scripting (XSS)
Software Content Cards Type Plugin Vulnerable versions = 0.9.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24928 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6115f90df15e Credits Ngô Thiên An ancorn from VNPT-VCI Required...
WordPress Content Cards Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports PHP and MySQL server set up a personal blog site.Content Cards plugin is used in one of the website link embedded plug-ins. A cross-site scripting vulnerability exists i...
WordPress Content Cards Plugin <= 0.9.6 - Cross-Site Scripting vulnerability
A cross site scripting vulnerability was found in WordPress Content Cards plugin in 0.9.6 version. This vulnerability is related to OpenGraph Data Handler functionality. The data is not sanitized properly and it leads to a cross site scripting vulnerability. Solution Update the plugin...
CVE-2017-17096
Cross-site scripting XSS vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data...
Cross site scripting
Cross-site scripting XSS vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data...
CVE-2017-17096
Cross-site scripting XSS vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data...
CVE-2017-17096
The vulnerability CVE-2017-17096 affects the WordPress Content Cards plugin prior to version 0.9.7. An XSS flaw exists in processing OpenGraph data, allowing remote attackers to inject arbitrary JavaScript. Practical impact is described as arbitrary script execution via crafted OpenGraph data on ...