Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting

The plugin does not escape the effects parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

WordPress Image Hover Effects Ultimate plugin <= 9.7.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Image Hover Effects Ultimate plugin versions = 9.7.0. Solution Update the WordPress Image Hover Effects Ultimate plugin to the latest available version at least 9.7.1...

PT-2021-7521 · WordPress · Image Hover Effects Ultimate

Name of the Vulnerable Software and Affected Versions: Image Hover Effects Ultimate plugin for WordPress versions up to, and including, 9.7.3 Description: The issue is related to Stored Cross-Site Scripting via the Title and Description values that can be added to an Image Hover due to insufficie...

WordPress Image Hover Effects Ultimate has an unspecified vulnerability

WordPress is a set of blogging platforms developed by the WordPress Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Image Hover Effects Ultimate plugin 9.6.1 and earlier versions have a security vulnerability that can ...

VulnCheck KEV: CVE-2021-36888

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...

CVE-2021-36888

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...

CVE-2021-36888

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...

Code injection

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...

CVE-2021-36888 WordPress Image Hover Effects Ultimate plugin <= 9.6.1 - Unauthenticated Arbitrary Options Update leading to full website compromise

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...

CVE-2021-36888

The CVE-2021-36888 entry affects the WordPress plugin Image Hover Effects Ultimate (versions

WordPress Image Hover Effects Ultimate plugin <= 9.6.1 - Unauthenticated Arbitrary Options Update leading to full website compromise

Unauthenticated Arbitrary Options Update leading to full website compromise discovered by mirphak aka John Castro Pagely in WordPress Image Hover Effects Ultimate plugin versions = 9.6.1. Solution Update the WordPress Image Hover Effects Ultimate plugin to the latest available version at least 9....

PT-2021-21398

Name of the Vulnerable Software and Affected Versions Image Hover Effects Ultimate versions prior to 9.6.1 Description The issue is an Unauthenticated Arbitrary Options Update vulnerability. This vulnerability can lead to a full website compromise. Recommendations For versions prior to 9.6.1,...

WordPress 访问控制错误漏洞

WordPress is a set of blogging platforms developed by the WordPress Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Image Hover Effects Ultimate plugin 9.6.1 and earlier versions have a security vulnerability that can ...

Image Hover Effects Ultimate < 9.7.0 - Unauthenticated Arbitrary Option Update

The plugin does not have any authorisation in its REST API endpoint, one of them could allow unauthenticated attackers to update arbitrary blog options. The original report mentioned the issue being fixed in 9.6.2, however it was still possible for attackers to exploit it and proper remediation h...

Image Hover Effects Ultimate < 9.7.0 - Unauthenticated Arbitrary Option Update

The plugin does not have any authorisation in its REST API endpoint, one of them could allow unauthenticated attackers to update arbitrary blog options. The original report mentioned the issue being fixed in 9.6.2, however it was still possible for attackers to exploit it and proper remediation h...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29619 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29619 Source advisory: OSV:GHSA-WVJW-P9F5-VQ28...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29616 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29616 Source advisory: OSV:GHSA-4HVV-7X94-7VQ8...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29610 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29610 Source advisory: OSV:GHSA-MQ5C-PRH3-3F3H...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29604 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29604 Source advisory: OSV:GHSA-8RM6-75MF-7R7R...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29602 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29602 Source advisory: OSV:GHSA-RF3H-XGV5-2Q39...