14 matches found
EUVD-2023-33980
Malicious code in bioql PyPI...
EUVD-2023-33982
Malicious code in bioql PyPI...
EUVD-2023-33984
Malicious code in bioql PyPI...
CVE-2023-2500
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.3.19 via deserialization of untrusted input from the 'gopricing' shortcode 'data' parameter. This allows authenticated attackers, with subscriber-lev...
CVE-2023-2496
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability check on the 'validateupload' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a...
CVE-2023-2498
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.19 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inje...
WordPress Go Pricing Plugin < 3.4 is vulnerable to Cross Site Scripting (XSS)
Software Go Pricing Type Plugin Vulnerable versions 3.4 Fixed in 3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2498 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 27531616264d Credits Lana Codes Required privilege...
CVE-2023-2500
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.3.19 via deserialization of untrusted input from the 'gopricing' shortcode 'data' parameter. This allows authenticated attackers, with subscriber-lev...
CVE-2023-2500 Go Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Authenticated (Subscriber+) PHP Object Injection
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.3.19 via deserialization of untrusted input from the 'gopricing' shortcode 'data' parameter. This allows authenticated attackers, with subscriber-lev...
CVE-2023-2498
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.19 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inje...
CVE-2023-2496
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability check on the 'validateupload' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a...
CVE-2023-2494 Go Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Missing Authorization to Limited Privilege Granting
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processpostdata' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a role...
WordPress plugin Go Pricing - WordPress Responsive Pricing Tables 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Go Pricing - WordPres...
WordPress plugin Go Pricing - WordPress Responsive Pricing Tables 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Go Pricing - WordPres...