EUVD-2022-51479

Malicious code in bioql PyPI...

CVE-2022-4110

The Eventify™ WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4110

The Eventify™ WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4110

The Eventify™ WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

The Eventify™ WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4110 Eventify <= 2.1 - Admin+ Stored XSS

The Eventify™ WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4110 Eventify <= 2.1 - Admin+ Stored XSS

The Eventify™ WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4110

The CVE-2022-4110 entry concerns the Eventify WordPress plugin (versions through 2.1). The vulnerability stems from insufficient sanitisation/escaping of certain settings, allowing stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, including in multisite se...

WordPress Plugin Eventify 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2022-25661 · WordPress · Eventify Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Eventify WordPress plugin versions prior to 2.1.1 is not specified, however, it is mentioned that versions through 2.1 are affected, so the correct output is: Eventify WordPress plugin versions through 2.1 Description: The issue allows high...

Eventify <= 2.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Go to Settings » Eventify. 2. Under 'Category...

Eventify - Simple Events <= 1.7.f - SQL Injection

The Eventify™ – Simple Events WordPress plugin was affected by a Simple Events = 1.7.f - SQL Injection security vulnerability...

WordPress Eventify - Simple Events plugin <= 1.7.f SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Eventify - Simple Events plugin = 1.7.f SQL Injection Vulnerability Date: 2011-09-07 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/eventify.zip Version: 1.7.f tested...

WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection

WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection Exploit Title: WordPress Eventify - Simple Events plugin getresults$qry;...

WordPress Eventify - Simple Events Plugin <= 1.7.f SQL Injection

WordPress Eventify plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...

WordPress Eventify Simple Events 1.7.f SQL Injection

Exploit Title: WordPress Eventify - Simple Events plugin getresults$qry;...

WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection

Exploit Title: WordPress Eventify - Simple Events plugin getresults$qry;...

WordPress Eventify - Simple Events plugin <= 1.7.f SQL Injection

Exploit for php platform in category web applications Exploit Title: WordPress Eventify - Simple Events plugin getresults$qry; 0day.today 2018-03-01...