EUVD-2024-26886

Malicious code in bioql PyPI...

CVE-2024-29912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Baptiste Placé iCalendrier allows Stored XSS.This issue affects iCalendrier: from n/a through 1.80...

iCalendrier < 1.81 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The iCalendrier plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.80 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

CVE-2024-29912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Baptiste Placé iCalendrier allows Stored XSS.This issue affects iCalendrier: from n/a through 1.80...

CVE-2024-29912 WordPress iCalendrier plugin <= 1.80 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Baptiste Placé iCalendrier allows Stored XSS.This issue affects iCalendrier: from n/a through 1.80...

CVE-2024-29912

CVE-2024-29912 is a stored XSS in the WordPress plugin iCalendrier , caused by improper neutralization during web page generation. Affected versions are listed as from n/a through 1.80 . The connected Red Hat entry reiterates the same vulnerability description. No remediation/patch details are pr...

CVE-2024-29912 WordPress iCalendrier plugin <= 1.80 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Baptiste Placé iCalendrier allows Stored XSS.This issue affects iCalendrier: from n/a through 1.80...

WordPress Plugin iCalendrier 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-23134 · Unknown · Icalendrier

Name of the Vulnerable Software and Affected Versions: iCalendrier versions 1.80 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For versions 1.80...

WordPress iCalendrier Plugin <= 1.80 is vulnerable to Cross Site Scripting (XSS)

Software iCalendrier Type Plugin Vulnerable versions = 1.80 Fixed in 1.81 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29912 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 149ae9093141 Credits LVT-tholv2k Required privilege Contributor...