3 matches found
EUVD-2023-34204
Malicious code in bioql PyPI...
CVE-2023-2743 WP ERP < 1.12.4 - Reflected Cross-Site Scripting
The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employeename parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
PT-2023-21118 · WordPress · Erp
Name of the Vulnerable Software and Affected Versions: ERP WordPress plugin versions prior to 1.12.4 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the employee name parameter is not properly sanitised and escaped before being outputted back in th...