EUVD-2013-1934

Malware in sbrugna...

EUVD-2013-2011

Malware in sbrugna...

EUVD-2015-1016

Malware in sbrugna...

EUVD-2022-2202

Malicious code in bioql PyPI...

EUVD-2022-39087

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2013-1942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.20, as used in ownClou...

Linux Distros Unpatched Vulnerability : CVE-2013-2023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inje...

Linux Distros Unpatched Vulnerability : CVE-2013-2022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote...

WPB Show Core < 2.7 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

WordPress plugin MP3 jPlayer cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin MP3 jPlayer version 2.7.3 and prior versions are vulnerable to cross-site request...

CVE-2022-36373

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Simon Ward MP3 jPlayer plugin = 2.7.3 at WordPress...

CVE-2022-36373 WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Simon Ward MP3 jPlayer plugin = 2.7.3 at WordPress...

CVE-2022-36373

CVE-2022-36373 concerns the WordPress MP3 jPlayer plugin (versions &lt;= 2.7.3). The NVD entry reports multiple CSRF vulnerabilities with a base CVSS v3.1 score of 8.8 (HIGH) and an attack vector of NETWORK, requiring user interaction and no privileges. Connected sources consistently describe CSR...

MP3 jPlayer <= 2.7.3 - Multiple CSRF

The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...

PT-2022-23334

Name of the Vulnerable Software and Affected Versions: Simon Ward MP3 jPlayer plugin versions = 2.7.3 Description: The issue concerns multiple Cross-Site Request Forgery CSRF vulnerabilities. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web...

WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Rasi Afeef Patchstack Alliance in the WordPress MP3-jPlayer plugin versions = 2.7.3. Solution Deactivate and delete. No reply from the vendor...

WordPress plugin MP3 jPlayer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin MP3 jPlayer version 2.7.3 and prior versions are vulnerable to cross-site request...

jplayer Cross Site Scripting vulnerability

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

GHSA-3JCQ-CWR7-6332 jplayer Cross Site Scripting vulnerability

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

Cross-Site Scripting (XSS)

jPlayer is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the jQuery and id parameters in the Flash SWF component. This CVE is different from CVE-2013-1942 and CVE-2013-2022...