16 matches found
CVE-2022-0785
The Daily Prayer Time WordPress plugin before 2022.03.01 does not sanitise and escape the month parameter before using it in a SQL statement via the getmonthlytimetable AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...
EUVD-2023-31368
Malicious code in bioql PyPI...
EUVD-2023-51912
Malicious code in bioql PyPI...
EUVD-2023-31367
Malicious code in bioql PyPI...
CVE-2023-27632
Cross-Site Request Forgery CSRF vulnerability in mmrs151 Daily Prayer Time plugin = 2023.03.08 versions...
CVE-2023-27631
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in mmrs151 Daily Prayer Time plugin = 2023.05.04 versions...
CVE-2023-47817
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mmrs151 Daily Prayer Time plugin = 2023.10.13 versions...
CVE-2024-8621
The Daily Prayer Time plugin for WordPress is vulnerable to SQL Injection via the 'maxword' attribute of the 'quranverse' shortcode in all versions up to, and including, 2024.08.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mmrs151 Daily Prayer Time plugin = 2023.10.13 versions...
CVE-2023-47817 WordPress Daily Prayer Time Plugin <= 2023.10.13 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mmrs151 Daily Prayer Time plugin = 2023.10.13 versions...
CVE-2023-47817
CVE-2023-47817 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin mmrs151 Daily Prayer Time, affecting versions up to 2023.10.13. Public sources confirm improper neutralization of input during web page generation as the root cause. PatchStack documents a fixed release on 2023-1...
CVE-2023-27632
Cross-Site Request Forgery CSRF vulnerability in mmrs151 Daily Prayer Time plugin = 2023.03.08 versions...
CVE-2023-27632
CVE-2023-27632 affects the WordPress plugin mmrs151 Daily Prayer Time (versions
CVE-2023-27631
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in mmrs151 Daily Prayer Time plugin = 2023.05.04 versions...
CVE-2023-27631
CVE-2023-27631 is a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Daily Prayer Time (mmrs151) for versions
PT-2023-21268 · WordPress · Daily Prayer Time
Name of the Vulnerable Software and Affected Versions: Daily Prayer Time plugin versions prior to 2023.05.04 Description: A Stored Cross-Site Scripting XSS issue affects the Daily Prayer Time plugin, allowing attackers to inject malicious scripts. This issue is related to authentication and affec...