8 matches found
EUVD-2024-36737
Malicious code in bioql PyPI...
CVE-2024-37536
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...
CVE-2024-37536
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...
CVE-2024-37536
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...
CVE-2024-37536 WordPress Easy Custom Code (LESS/CSS/JS) Plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...
CVE-2024-37536
CVE-2024-37536 is a stored XSS vulnerability in the WordPress plugin Easy Custom Code (Live editing) affecting 1.0.8 and earlier. Exploitation involves the plugin’s Live editing feature, allowing stored XSS without relying on external vectors; remediation is to update to a version later than 1.0....
CVE-2024-37536 WordPress Easy Custom Code (LESS/CSS/JS) Plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...
WordPress Easy Custom Code (LESS/CSS/JS) – Live editing Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)
Software Easy Custom Code LESS/CSS/JS – Live editing Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37536 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9a38a57946fb Credits Cronus...