WordPress plugin Import and export users and customers 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

EUVD-2023-26140

Malicious code in bioql PyPI...

CVE-2024-4734

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.26.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2023-21975

Vulnerability in the Application Express Customers Plugin product of Oracle Application Express component: User Account. Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability allows low privileged attacker with network access vi...

CVE-2024-13885

The WP e-Customers Beta WordPress plugin through 0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress Services updates for customers plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Services updates for customers versions = 1.0...

WordPress Import and export users and customers plugin <= 1.26.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.5...

CVE-2023-21975

Vulnerability in the Application Express Customers Plugin product of Oracle Application Express component: User Account. Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability allows low privileged attacker with network access vi...

CVE-2023-21975

Vulnerability in the Application Express Customers Plugin product of Oracle Application Express component: User Account. Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability allows low privileged attacker with network access vi...

Code injection

Vulnerability in the Application Express Customers Plugin product of Oracle Application Express component: User Account. Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability allows low privileged attacker with network access vi...

CVE-2023-21975

The CVE-2023-21975 affects Oracle Application Express, specifically the Application Express Customers Plugin (component: User Account) with vulnerable versions 18.2–22.2. The root cause is insufficient input validation in the Customers Plugin, enabling a remote attacker to modify, add, or delete ...

PT-2023-3627 · Oracle · Application Express Customers Plugin

Name of the Vulnerable Software and Affected Versions: Application Express Customers Plugin versions 18.2 through 22.2 Description: The issue exists due to insufficient input validation in the Application Express Customers Plugin component of Oracle Application Express. This allows a remote...

Oracle Application Express 安全漏洞

Oracle Application Express is the United States Oracle Oracle, a low-code development platform. A security vulnerability exists in the Application Express Customers Plugin for Oracle Application Express, which can be exploited by an attacker to cause the Application Express Customers Plugin to be...