22 matches found
EUVD-2022-34704
Malicious code in bioql PyPI...
EUVD-2025-17077
Malicious code in bioql PyPI...
CVE-2025-5536
The Freemind Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'freemind' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-5536
The Freemind Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'freemind' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-5536 Freemind Viewer <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Freemind Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'freemind' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-5536
CVE-2025-5536 involves the Freemind Viewer WordPress plugin and enables a Stored Cross‑Site Scripting (XSS) via the plugin shortcode “freemind” in all versions up to 1.0. The vulnerability arises from insufficient input sanitization and output escaping on user‑supplied attributes, allowing an aut...
CVE-2025-5536 Freemind Viewer <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Freemind Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'freemind' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2025-24038 · WordPress · Freemind Viewer
Name of the Vulnerable Software and Affected Versions: Freemind Viewer plugin for WordPress versions up to and including 1.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'freemind' shortcode. This allows authenticated...
WordPress plugin Freemind Viewer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Freemind Viewer plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Freemind Viewer versions = 1.0...
CVE-2022-2443
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
PT-2022-21326 · WordPress +3 · Freemind Wp Browser +2
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue is closely related to Cross-site Scripting XSS and involves HTML injection to deface a page, whereas XSS injects JavaScript. Both attacks exploit insufficient validation of user...
CVE-2022-2443
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
CVE-2022-2443
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
CVE-2022-2443
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
Cross site request forgery (csrf)
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
CVE-2022-2443
The CVE-2022-2443 entry concerns the FreeMind WP Browser plugin for WordPress (versions up to 1.2). The vulnerability is a Cross-Site Request Forgery due to missing nonce protection in the FreemindOptions() function in freemind-wp-browser.php, allowing unauthenticated attackers to trick an admini...
CVE-2022-2443 FreeMind WP Browser <= 1.2 - Cross-Site Request Forgery to Cross-Site Scripting
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
WordPress plugin FreeMind WP 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FreeMind W...
PT-2022-16691 · WordPress · Freemind Wp Browser
Name of the Vulnerable Software and Affected Versions: FreeMind WP Browser plugin for WordPress versions up to, and including 1.2 Description: The issue is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This allows unauthenticated...