24 matches found
CVE-2022-0448
The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
EUVD-2023-46224
Malicious code in bioql PyPI...
CVE-2023-41732
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Blocks plugin = 1.0.20 versions...
CVE-2023-41732
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Blocks plugin = 1.0.20 versions...
CVE-2023-41732
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Blocks plugin = 1.0.20 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Blocks plugin = 1.0.20 versions...
CVE-2023-41732 WordPress CP Blocks Plugin <= 1.0.20 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Blocks plugin = 1.0.20 versions...
CVE-2023-41732 WordPress CP Blocks Plugin <= 1.0.20 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Blocks plugin = 1.0.20 versions...
CVE-2023-41732
CVE-2023-41732 affects the WordPress plugin CP Blocks (CodePeople CP Blocks)
WordPress Plugin CP Blocks Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
WordPress CP Blocks Plugin <= 1.0.20 is vulnerable to Cross Site Request Forgery (CSRF)
Software CP Blocks Type Plugin Vulnerable versions = 1.0.20 Fixed in 1.0.21 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41732 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 60f3812ae263 Credits István Márton Required...
CVE-2022-0448
The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2022-0448
The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2022-0448
The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
Cross site scripting
The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2022-0448
The CVE-2022-0448 issue affects the WordPress CP Blocks plugin prior to 1.0.15. A stored Cross-Site Scripting vulnerability arises because the plugin does not sanitize or escape the License ID setting, potentially allowing high-privilege users to inject script even when unfiltered_html is disallo...
WordPress CP Blocks plugin cross-site scripting vulnerability
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPress CP Blocks plugin prior to 1.0.15, which stems from the plugin's failu...
WordPress CP Blocks 1.0.14 Cross Site Scripting
Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...
WordPress plugin CP Blocks 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPress CP Blocks plugin prior to 1.0.15, which stems from the plugin's failu...
WordPress CP Blocks 1.0.14 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...