CVE-2023-40330
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin <= 1.6.1 versions...
EUVD-2023-50987
Malicious code in bioql PyPI...
EUVD-2023-44917
Malicious code in bioql PyPI...
CVE-2023-46821
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Security Headers allows auth. admin+ SQL Injection. This issue affects GD Security Headers: from n/a through 1.7...
GD Security Headers < 1.7.1 - Admin+ SQLi
Description: The plugin does not properly sanitise and escape the filter-vd and filter-ed parameters before using them in SQL statements, leading to SQL injections exploitable by high privilege users such as admin...
CVE-2023-46821
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Security Headers allows auth. admin+ SQL Injection. This issue affects GD Security Headers: from n/a through 1.7...
CVE-2023-46821
A vulnerability in Milan Petrovic GD Security Headers gd-security-headers. This issue affects GD Security Headers: from n/a through <= 1.7...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Security Headers allows auth. admin+ SQL Injection. This issue affects GD Security Headers: from n/a through 1.7...
CVE-2023-46821
GD Security Headers WordPress plugin
CVE-2023-46821 WordPress GD Security Headers Plugin <= 1.7 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Security Headers allows auth. admin+ SQL Injection. This issue affects GD Security Headers: from n/a through 1.7...
CVE-2023-46821 WordPress GD Security Headers Plugin <= 1.7 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Security Headers allows auth. admin+ SQL Injection. This issue affects GD Security Headers: from n/a through 1.7...
WordPress Plugin GD Security Headers SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2023-30236 · Unknown · Gd Security Headers
Name of the Vulnerable Software and Affected Versions: GD Security Headers versions 1.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows authorized users with admin+ privileges to...
CVE-2023-40330
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin <= 1.6.1 versions...
CVE-2023-40330
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin <= 1.6.1 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin <= 1.6.1 versions...
CVE-2023-40330
CVE-2023-40330 is an unauthenticated, reflected XSS vulnerability in the WordPress plugin GD Security Headers (versions
CVE-2023-40330 WordPress GD Security Headers Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin <= 1.6.1 versions...
GD Security Headers < 1.7 - Reflected XSS
Description: The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
PT-2023-27391 · Milan Petrovic · Gd Security Headers
Name of the Vulnerable Software and Affected Versions: Milan Petrovic GD Security Headers plugin versions <= 1.6.1 Description: The issue is an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing th...