15 matches found
CVE-2023-45643
Cross-Site Request Forgery CSRF vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin = 1.0 versions...
EUVD-2023-49936
Malicious code in bioql PyPI...
EUVD-2023-49935
Malicious code in bioql PyPI...
CPT Shortcode Generator <= 1.0 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-45644
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin = 1.0 versions...
CVE-2023-45644
CVE-2023-45644: Authenticated (admin+) Stored Cross-Site Scripting in the CPT Shortcode Generator plugin prior to or at version 1.0. Root cause details are not explicitly stated in the provided documents, but the vulnerability is described as a stored XSS affecting admin-level contexts. Public ex...
CVE-2023-45644 WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin = 1.0 versions...
PT-2023-29621 · WordPress · Cpt Shortcode Generator
Name of the Vulnerable Software and Affected Versions: CPT Shortcode Generator plugin versions prior to 1.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For versions prior to 1.1...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin = 1.0 versions...
CVE-2023-45643 WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin = 1.0 versions...
CVE-2023-45643 WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin = 1.0 versions...
CVE-2023-45643
CVE-2023-45643 : Cross-Site Request Forgery (CSRF) in the WordPress plugin “CPT Shortcode Generator” (≤1.0). Connected sources consistently describe CSRF as the vulnerability, with the exploit requiring no privileges but user interaction in some tiers, and unauthenticated access reported by some ...
WordPress Plugin CPT Shortcode Generator Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software CPT Shortcode Generator Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45643 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 729ac653cedf Credits Lokesh Dachepal...
WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software CPT Shortcode Generator Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45644 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8bfa1d036efa Credits Lokesh Dachepalli...