EUVD-2023-35117

Malicious code in bioql PyPI...

EUVD-2023-35109

Malicious code in bioql PyPI...

CVE-2023-30745

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Phan Chuong IP Metaboxes plugin = 2.1.1 versions...

CVE-2023-30753

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Phan Chuong IP Metaboxes plugin = 2.1.1...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Phan Chuong IP Metaboxes plugin = 2.1.1 versions...

CVE-2023-30745 WordPress IP Metaboxes Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Phan Chuong IP Metaboxes plugin = 2.1.1 versions...

CVE-2023-30745

CVE-2023-30745 affects the WordPress plugin IP Metaboxes (Phan Chuong) ≤ 2.1.1. An authenticated admin+ can trigger a Stored XSS due to inadequate sanitization/escaping of settings, potentially affecting admin sessions and loaded pages. The connected documents provide limited detail on exploit st...

CVE-2023-30753 WordPress IP Metaboxes Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Phan Chuong IP Metaboxes plugin = 2.1.1...

CVE-2023-30753

CVE-2023-30753 affects the WordPress plugin IP Metaboxes by Phan Chuong, with unauthenticated Reflected Cross-Site Scripting (XSS) in versions 2.1.1 to mitigate the vulnerability. The CVE entry is not described as rejected in the provided materials.

WordPress Plugin Phan Chuong IP Metaboxes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress IP Metaboxes Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software IP Metaboxes Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30753 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c206efcb5905 Credits WON JOON HWANG Required...

WordPress IP Metaboxes Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software IP Metaboxes Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30745 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 98c96aff12b7 Credits WON JOON HWANG Required...

IP Metaboxes <= 2.1.1 - Unauthenticated Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

IP Metaboxes <= 2.1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...