EUVD-2024-34222

Malicious code in bioql PyPI...

CVE-2024-11903

The WP eCards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ecard' shortcode in all versions up to, and including, 1.3.904 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-11903

CVE-2024-11903 affects the WP eCards WordPress plugin via Stored Cross‑Site Scripting in the ecard shortcode in versions up to 1.3.904. Exploitation requires authenticated access at contributor level or higher and can inject scripts that run when users view the affected pages. Connected sources c...

CVE-2024-11903 WP eCards <= 1.3.904 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP eCards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ecard' shortcode in all versions up to, and including, 1.3.904 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress plugin WP eCards 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress WP eCards plugin <= 1.3.904 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin WP eCards versions = 1.3.904...

ecards.com Cross Site Scripting vulnerability OBB-3855739

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Improper Access Control

admidio/admidio is vulnerable to Improper Access Control. The vulnerability exists due to improper restrictions in album locking which allows an attacker to send ecards and view the album data...

US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns

US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking...

Ecards: Birthday Wishes & more - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Ecards: Birthday Wishes & more published at the 'play' market has multiple vulnerabilities...