18 matches found
CVE-2023-49186
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6...
CVE-2023-49186
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6...
EUVD-2023-53191
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6...
EUVD-2023-53746
Malicious code in bioql PyPI...
EUVD-2023-53747
Malicious code in bioql PyPI...
CVE-2023-49838
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49838
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49838
CVE-2023-49838 : CSRF in KlbTheme themes (Clotya up to 1.1.6; Cosmetsy up to 1.7.7; Furnob up to 1.2.2; Bacola up to 1.3.3; Partdo up to 1.1.1; Medibazar up to 1.8.6; Machic up to 1.2.8). Root cause per description: missing CSRF checks in some locations, enabling unauthorized actions via forged r...
CVE-2023-49839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49839
CVE-2023-49839 is a reflected XSS in KlbTheme core plugins (Cosmetsy, Partdo, Bacola, Medibazar, Furnob, Clotya) caused by improper neutralization of input during web page generation. Affected versions include Cosmetsy up to 1.3.0; Partdo up to 1.0.9; Bacola up to 1.3.3; Medibazar up to 1.2.3; Fu...
CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
PT-2024-13815 · Klbtheme · Klbtheme Clotya +5
Name of the Vulnerable Software and Affected Versions: KlbTheme Cosmetsy theme core plugin versions 1.3.0 and earlier KlbTheme Partdo theme core plugin versions 1.0.9 and earlier KlbTheme Bacola theme core plugin versions 1.3.3 and earlier KlbTheme Medibazar theme core plugin versions 1.2.3 and...
Multiple Plugins by KlbTheme - Reflected Cross-Site Scripting
Description The plugins do not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Multiple Themes by KlbTheme - Cross-Site Request Forgery
Description The themes do not have CSRF checks in some places, which could allow attackers to make logged in admins perform unwanted actions via CSRF attacks...