EUVD-2024-45446

Malicious code in bioql PyPI...

CVE-2024-51611

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Miguel Peixe WP Feature Box wp-feature-box allows Stored XSS.This issue affects WP Feature Box: from n/a through = 0.1.3...

CVE-2015-9451

The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfbmailchimp pmfbtid parameter...

CVE-2024-51611

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Miguel Peixe WP Feature Box wp-feature-box allows Stored XSS.This issue affects WP Feature Box: from n/a through = 0.1.3...

CVE-2024-51611 WordPress WP Feature Box plugin <= 0.1.3 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Miguel Peixe WP Feature Box wp-feature-box allows Stored XSS.This issue affects WP Feature Box: from n/a through = 0.1.3...

CVE-2024-51611 WordPress WP Feature Box plugin <= 0.1.3 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Miguel Peixe WP Feature Box wp-feature-box allows Stored XSS.This issue affects WP Feature Box: from n/a through = 0.1.3...

CVE-2024-51611

CVE-2024-51611 is a stored XSS in the WordPress plugin WP Feature Box, affecting versions &lt;= 0.1.3. The vulnerability stems from improper neutralization of input during web page generation, enabling stored Cross‑Site Scripting via user-provided data. Impact is described as Stored XSS; explicit...

WordPress plugin WP Feature Box 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-34754 · Miguel Peixe · Wp Feature Box

Name of the Vulnerable Software and Affected Versions: Miguel Peixe WP Feature Box versions 0.1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows attackers to store harmful scripts,...

WordPress WP Feature Box plugin <= 0.1.3 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WP Feature Box versions = 0.1.3...

WordPress WP Feature Box Plugin <= 0.1.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Feature Box Type Plugin Vulnerable versions = 0.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51611 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cf990022caf8 Credits SOPROBRO Required privilege Contributor...

WordPress plugmatter-optin-feature-box-lite plugin SQL injection vulnerability (CNVD-2019-41888)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. plugmatter-optin-feature-box-lite is a feature list plugin used in it. The WordPress plugmatter-optin-feature-box-lite plugin...

WordPress plugmatter-optin-feature-box-lite plugin SQL injection vulnerability (CNVD-2019-42838)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. plugmatter-optin-feature-box-lite is a feature list plugin used in it. A SQL injection vulnerability exists in the WordPress...

Sql injection

The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfbcc pmfbtid parameter...

Sql injection

The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfbmailchimp pmfbtid parameter...

CVE-2015-9451

The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfbmailchimp pmfbtid parameter...

CVE-2015-9450

The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfbcc pmfbtid parameter...

CVE-2015-9450

Summary: The plugmatter-optin-feature-box-lite WordPress plugin is affected by an SQL injection vulnerability in versions before 2.0.14, exploitable via the request parameter wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid. This is documented across CVE/NVD records and corroborated by other datab...

WordPress Plugmatter Optin Feature Box Plugin <= 2.0.13 - SQL Injection

Because of this vulnerability, unauthenticated attackers can execute arbitrary SQL commands via "pmfbtid" parameter. Solution Update the plugin...