10 matches found
EUVD-2024-34535
Malicious code in bioql PyPI...
CVE-2024-33955
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a through 1.4.1...
WordPress plugin Freesia Empire 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Freesia Empire < 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Freesia Empire theme for WordPress is vulnerable to Stored Cross-Site Scripting via post author display names in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-33955 WordPress Freesia Empire theme <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a through 1.4.1...
CVE-2024-33955 WordPress Freesia Empire theme <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a through 1.4.1...
CVE-2024-33955
CVE-2024-33955 is a Stored XSS vulnerability in the Freesia Empire WordPress theme. Affected versions are Freesia Empire 1.4.1 and earlier (n/a through 1.4.1); the issue stems from improper input neutralization during web page generation. CVSS v3.1 base score is 6.5 (medium severity). The Red Hat...
PT-2024-25587 · Unknown · Freesia Empire
Name of the Vulnerable Software and Affected Versions: Freesia Empire versions 1.4.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject malicious...
WordPress Freesia Empire theme <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Freesia Empire versions = 1.4.1...
WordPress Freesia Empire Theme <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Freesia Empire Type Theme Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33955 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cfa0ba8d37d0 Credits stealthcopter Required privilege...