EUVD-2024-16408

Malicious code in bioql PyPI...

EUVD-2022-51850

Malicious code in bioql PyPI...

EUVD-2024-54000

Malicious code in bioql PyPI...

CVE-2022-4509

The Content Control WordPress plugin before 1.1.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...

CVE-2024-11153

The WordPress plugin Content Control (The Ultimate Content Restriction Plugin) is affected by CVE-2024-11153: an unauthenticated bypass that allows sensitive information exposure via the WordPress core search feature in all versions up to and including 2.5.0. Wordfence and CVE records describe th...

WordPress plugin Content Control 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress Content Control Plugin <= 2.1.0 is vulnerable to Broken Access Control

Software Content Control Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0615 Patch priority Low CVSS severity Low 5.3 Developer Code Atlantic LLC PSID 3c7e15ef621e Credits Francesco Carlucci Required...

CVE-2022-4509

The Content Control WordPress plugin before 1.1.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...

CVE-2022-4509 Content Control < 1.1.10 - Contributor+ Stored XSS

The Content Control WordPress plugin before 1.1.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...

WordPress plugin Content Control 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

WordPress Content Control Plugin < 1.1.10 is vulnerable to Cross Site Scripting (XSS)

Software Content Control Type Plugin Vulnerable versions 1.1.10 Fixed in 1.1.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4509 Patch priority Medium CVSS severity Medium 6.3 Developer Code Atlantic LLC PSID a16131ad7c93 Credits István Márton...

Content Control < 1.1.10 - Contributor+ Stored XSS

The plugin does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins. PoC Explo...