45 matches found
EUVD-2019-7654
Malware in sbrugna...
EUVD-2019-7653
Malware in sbrugna...
EUVD-2019-7652
Malware in sbrugna...
EUVD-2022-15930
Malicious code in bioql PyPI...
CVE-2022-0898
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues...
CVE-2019-17237
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF...
CVE-2019-17236
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS...
CVE-2019-17235
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure...
CVE-2019-17234
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion...
CVE-2022-0898
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues...
CVE-2022-0898
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues...
Cross site scripting
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues...
CVE-2022-0898
CVE-2022-0898 affects the IgniteUp WordPress plugin up to version 3.4.1. The vulnerability arises from insufficient sanitization/escaping of certain fields when high-privilege users lack the unfiltered_html capability, enabling a Stored Cross-Site Scripting (XSS) scenario on admin-facing template...
CVE-2022-0898 IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues...
WordPress plugin IgniteUp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues Customise a template from the plugin /wp-admin/admin.php?page=cscstemplates and put the following payload in the Paragraph...
WordPress IgniteUp – Coming Soon and Maintenance Mode plugin <= 3.4.1 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Kaushalendra Dubey in WordPress IgniteUp – Coming Soon and Maintenance Mode plugin versions = 3.4.1. Solution Deactivate and delete. This plugin has been closed as of March 9, 2022 and is not available for download. This closure is...
IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some fields when high privilege users don't have the unfilteredhtml capability, which could lead to Stored Cross-Site Scripting issues PoC Customise a template from the plugin /wp-admin/admin.php?page=cscstemplates and put the following payload in the...
Exploit for Missing Authentication for Critical Function in Getigniteup Igniteup
Wordpress IgniteUp plugin vulnerability Wordpress IgniteUp plu...
WordPress IgniteUp Information Disclosure Vulnerability
The WordPress plugin IgniteUp is used to create "Coming Soon" and "Maintenance" mode pages. An information disclosure vulnerability exists in includes/class-coming-soon-creator.php in IgniteUp 3.4 and earlier versions. An attacker could exploit this vulnerability to access sensitive information...