11 matches found
EUVD-2022-25219
Malicious code in bioql PyPI...
CVE-2022-1951
The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected...
WordPress core plugin for kitestudio plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress core plugin for kitestudio plugin prior to 2.3.1 are vulnerable to a...
CVE-2022-1951
The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected...
CVE-2022-1951
The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected...
CVE-2022-1951
The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected...
CVE-2022-1951 Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting
The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected...
CVE-2022-1951
The CVE-2022-1951 entry corresponds to the kitestudio WordPress Core Plugin for Kitestudio Themes, affected versions prior to 2.3.1. The root cause is failure to sanitize and escape certain parameters in the AJAX response, allowing a Reflected Cross‑Site Scripting (XSS) vulnerability that is expl...
WordPress core plugin for kitestudio 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress core plugin for kitestudio plugin prior to 2.3.1 are vulnerable to a...
WordPress Core plugin for Kitestudio themes <= 2.3.0 - Reflected Cross-Site-Scripting (XSS) vulnerability
Reflected Cross-Site-Scripting XSS vulnerability discovered by cydave in WordPress Core plugin for Kitestudio themes versions = 2.3.0. Solution Update the WordPress Core plugin for Kitestudio themes to the latest available version at least 2.3.1...
Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting
The plugin does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting. Install and active the...