33 matches found
CVE-2026-39683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
EUVD-2026-20369
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
CVE-2026-39683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
CVE-2026-39683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
CVE-2026-39683 WordPress Garden Gnome Package plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
CVE-2026-39683
CVE-2026-39683 affects the WordPress Garden Gnome Package plugin (garden-gnome-package) up to version 2.4.1. The issue is a DOM-based XSS caused by improper neutralization of input during web page generation. Affected component is the garden-gnome-package, with the root cause described as cross-s...
CVE-2026-39683 WordPress Garden Gnome Package plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
PT-2026-31245
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through = 2.4.1...
WordPress plugin Garden Gnome Package 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2024-49330
Malicious code in bioql PyPI...
EUVD-2024-51155
Malicious code in bioql PyPI...
CVE-2023-5664
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ggpkg' shortcode in all versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
Linux Distros Unpatched Vulnerability : CVE-2020-13645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the applicati...
CVE-2024-12854
The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated...
CVE-2024-12854 Garden Gnome Package <= 2.3.0 - Authenticated (Author+) Arbitrary File Upload
The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated...
CVE-2024-12854
CVE-2024-12854 concerns Garden Gnome Package (WordPress) where all versions up to 2.3.0 are vulnerable due to missing file type validation when extracting uploaded ggpkgs. This enables an attacker with Author+ privileges to upload arbitrary files to the server, with potential remote code executio...
CVE-2024-12854 Garden Gnome Package <= 2.3.0 - Authenticated (Author+) Arbitrary File Upload
The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated...
WordPress plugin Garden Gnome Package 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress Garden Gnome Package plugin <= 2.3.0 - Authenticated (Author+) Arbitrary File Upload vulnerability
Authenticated Author+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin Garden Gnome Package versions = 2.3.0...
CVE-2024-8657
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ggpkg shortcode in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...