PT-2024-35305 · Data443 · Data443 Lgpd Framework

Name of the Vulnerable Software and Affected Versions: Data443 LGPD Framework versions n/a through 2.0.2 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious...

PT-2024-35886 · WordPress · Sparkle Wp Sparkle Elementor Kit

Name of the Vulnerable Software and Affected Versions: Sparkle WP Sparkle Elementor Kit versions through 2.0.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This is a Cross-site...

PT-2024-32584 · Yith · Yith Woocommerce Product Add-Ons

Name of the Vulnerable Software and Affected Versions: YITH WooCommerce Product Add-Ons versions prior to 4.13.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations...

PT-2024-30106 · Unknown · Super Easy Enterprise Management System

Name of the Vulnerable Software and Affected Versions: Super easy enterprise management system versions 1.0.0 and earlier Description: An issue in the system allows a local attacker to obtain the server absolute path by entering a single quotation mark. This can be exploited to gain sensitive...

PT-2024-27589 · Unknown · Apollo13 Framework Extensions

Name of the Vulnerable Software and Affected Versions: Apollo13 Framework Extensions versions 1.9.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

PT-2024-27649 · Perials · Perials Simple Social Share

Name of the Vulnerable Software and Affected Versions: Perials Simple Social Share versions n/a through 3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations...

PT-2023-22537 · Total.Js · Total.Js

Name of the Vulnerable Software and Affected Versions: TotalJS messenger version b6cf1c9 Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field. This enables attackers to...

PT-2021-13868 · Privoxy +4 · Privoxy +4

Name of the Vulnerable Software and Affected Versions: privoxy versions prior to 3.0.32 Description: A flaw was found in the software, where invalid memory access with an invalid pattern passed to the pcre compile function may lead to denial of service. Recommendations: For versions prior to...