EUVD-2023-38449

Malicious code in bioql PyPI...

EUVD-2023-38275

Malicious code in bioql PyPI...

PT-2025-4558 · Unknown · Grandslambert Featured Page Widget

The vulnerable software is grandslambert Featured Page Widget, with versions affected ranging from n/a to 2.2. The vulnerability is an improper neutralization of input during web page generation, also known as Cross-site Scripting XSS, which allows for Reflected XSS attacks. This vulnerability is...

CVE-2023-47813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in grandslambert Better RSS Widget plugin = 2.8.1 versions...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in grandslambert Better RSS Widget plugin = 2.8.1 versions...

CVE-2023-34175

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

CVE-2023-34175

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

CVE-2023-34175

CVE-2023-34175: Unauth. Reflected XSS in GrandSlambert Login Configurator plugin

CVE-2023-34175 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

PT-2023-24713 · Unknown · Grandslambert Login Configurator

Name of the Vulnerable Software and Affected Versions: GrandSlambert Login Configurator plugin versions = 2.1 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited without authentication, allowing for reflected...

CVE-2023-34369

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

CVE-2023-34369

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

CVE-2023-34369 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

CVE-2023-34369 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

CVE-2023-34369

CVE-2023-34369 affects the WordPress GrandSlambert Login Configurator plugin (versions ≤ 2.1). It is an authenticated Stored Cross-Site Scripting (XSS) vulnerability, exploitable by an admin+ user, with the issue described as an input/sanitization flaw in the login configuration flow. Impact per ...

PT-2023-24843 · Unknown · Grandslambert Login Configurator

Name of the Vulnerable Software and Affected Versions: GrandSlambert Login Configurator plugin versions = 2.1 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin privileges can inject malicious scripts into th...