13 matches found
EUVD-2024-16688
Malicious code in bioql PyPI...
CVE-2024-0906
CVE-2024-0906 concerns the WordPress plugin “f(x) Private Site.” The vulnerability allows unauthenticated attackers to access page and post contents protected by the plugin via the plugin’s API. Affected are all versions up to and including 1.2.1. The included Red Hat advisory corroborates the sa...
WordPress f(x) Private Site Plugin <= 1.2.1 is vulnerable to Sensitive Data Exposure
Software fx Private Site Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0906 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 800faead5d18 Credits Francesco Carlucci Required...
CVE-2023-0490
The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Cross site scripting
The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0490
CVE-2023-0490 concerns the f(x) TOC WordPress plugin (
CVE-2023-0490 f(x) TOC <= 1.1.0 - Contributor+ Stored XSS
The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress plugin f(x) TOC cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2023-16302 · WordPress · F(X) Toc Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: fx TOC WordPress plugin versions 1.1.0 and earlier Description: The issue concerns the fx TOC WordPress plugin, which does not properly validate and escape some of its shortcode attributes before outputting them in a page or post. This could...
WordPress f(x) TOC Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software fx TOC Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0490 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 8736d6d89b3b Credits István Márton Required...
Debian Security Advisory DSA 2414-1 (fex)
The remote host is missing an update to fex announced via advisory DSA 2414-1. OpenVAS Vulnerability Test $Id: deb24141.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2414-1 fex Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...
Debian Security Advisory DSA 2414-1 (fex)
The remote host is missing an update to fex announced via advisory DSA 2414-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
DSA-2414-2 fex - regression
Bulletin has no description...