WordPress plugin FlickRocket 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FlickRocke...

PT-2025-1848 · WordPress · Woocommerce Digital Content Delivery (Incl. Drm) – Flickrocket Plugin

Name of the Vulnerable Software and Affected Versions: WooCommerce Digital Content Delivery incl. DRM – FlickRocket plugin for WordPress versions up to, and including, 4.74 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers t...

WordPress plugin Order Tracking Pro 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

WordPress Plugin Editorial Calendar SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PT-2022-26796 · Unknown · Billing System Project

Name of the Vulnerable Software and Affected Versions: Billing System Project version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the endDate parameter at the "getOrderReport.php" endpoint. Recommendations: For Billing System...

CVE-2022-35590

A cross-site scripting XSS issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the "enddate" Parameter...

CVE-2022-35590

A cross-site scripting XSS issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the "enddate" Parameter...

CVE-2022-35590

A cross-site scripting XSS issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the "enddate" Parameter...

ForkCMS 跨站脚本漏洞

ForkCMS is a software application. An easy-to-use open source CMS using Symfony components. A security vulnerability exists in ForkCMS version 5.9.3. A remote attacker can exploit this vulnerability to inject JavaScript via the "enddate" parameter...

CVE-2021-39354

The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $startdate and $enddate parameters found in the /includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2...

CVE-2017-9510

The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the start date and end date parameters...