EUVD-2013-2011

Malware in sbrugna...

EUVD-2013-1934

Malware in sbrugna...

EUVD-2015-1016

Malware in sbrugna...

EUVD-2022-39087

Malicious code in bioql PyPI...

EUVD-2022-2202

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2013-2023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inje...

Linux Distros Unpatched Vulnerability : CVE-2013-1942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.20, as used in ownClou...

Linux Distros Unpatched Vulnerability : CVE-2013-2022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote...

WPB Show Core < 2.7 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

WordPress plugin MP3 jPlayer cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin MP3 jPlayer version 2.7.3 and prior versions are vulnerable to cross-site request...

CVE-2022-36373

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Simon Ward MP3 jPlayer plugin = 2.7.3 at WordPress...

CVE-2022-36373

CVE-2022-36373 concerns the WordPress MP3 jPlayer plugin (versions &lt;= 2.7.3). The NVD entry reports multiple CSRF vulnerabilities with a base CVSS v3.1 score of 8.8 (HIGH) and an attack vector of NETWORK, requiring user interaction and no privileges. Connected sources consistently describe CSR...

CVE-2022-36373 WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Simon Ward MP3 jPlayer plugin = 2.7.3 at WordPress...

WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Rasi Afeef Patchstack Alliance in the WordPress MP3-jPlayer plugin versions = 2.7.3. Solution Deactivate and delete. No reply from the vendor...

MP3 jPlayer <= 2.7.3 - Multiple CSRF

The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...

WordPress plugin MP3 jPlayer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin MP3 jPlayer version 2.7.3 and prior versions are vulnerable to cross-site request...

PT-2022-23334

Name of the Vulnerable Software and Affected Versions: Simon Ward MP3 jPlayer plugin versions = 2.7.3 Description: The issue concerns multiple Cross-Site Request Forgery CSRF vulnerabilities. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web...

GHSA-3JCQ-CWR7-6332 jplayer Cross Site Scripting vulnerability

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

jplayer Cross Site Scripting vulnerability

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

Cross-Site Scripting (XSS)

jPlayer is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the jQuery and id parameters in the Flash SWF component. This CVE is different from CVE-2013-1942 and CVE-2013-2022...