4 matches found
EUVD-2025-8073
Malicious code in bioql PyPI...
CVE-2024-12623
The DICOM Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dcm' shortcode in all versions up to, and including, 0.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12623 DICOM Support <= 0.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The DICOM Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dcm' shortcode in all versions up to, and including, 0.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12623
CVE-2024-12623 affects the DICOM Support WordPress plugin. The vulnerability is a Stored XSS via the plugin’s dcm shortcode across all versions up to 0.10.6, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authentication at contribu...