22 matches found
EUVD-2020-29287
Malware in sbrugna...
EUVD-2025-5646
Malicious code in bioql PyPI...
CVE-2020-8420
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of comtemplates causes a CSRF vulnerability...
CVE-2025-32972 The lesscss script service allows cache clearing without programming right
XWiki is a generic wiki platform. In versions starting from 6.1-milestone-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the script API of the LESS compiler in XWiki is incorrectly checking for rights when calling the cache cleaning API, makin...
XWiki Platform 安全漏洞
XWiki Platform is the XWiki open source suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions prior to 15.10.12, prior to 16.4.3, and prior to 16.8.0-rc-1, which stems from an improper check of the LESS compiler permissions...
BIT-JOOMLA-2020-8420
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of comtemplates causes a CSRF vulnerability...
CVE-2025-25142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through = 1.3.0...
CVE-2025-25142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through = 1.3.0...
CVE-2025-25142 WordPress WP Less Compiler plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through = 1.3.0...
CVE-2025-25142 WordPress WP Less Compiler plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound WP Less Compiler allows Stored XSS. This issue affects WP Less Compiler: from n/a through 1.3.0...
CVE-2025-25142
CVE-2025-25142 describes a Stored XSS vulnerability in the WordPress WP Less Compiler plugin (versions up to 1.3.0). The issue arises from improper neutralization of input during web page generation, allowing attacker-supplied input to be stored and later reflected in pages. The advisory lists WP...
WordPress plugin WP Less Compiler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
WordPress WP Less Compiler plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin WP Less Compiler versions = 1.3.0...
Joomla! 3.x < 3.9.15 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A cross-site request forgery CSRF exists in versions 3.0.0 to 3.9.14 due to a missing token checks in the batch actions of various components CVE-2020-8419 - A cross-site...
CVE-2020-8420
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of comtemplates causes a CSRF vulnerability...
CVE-2020-8420
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of comtemplates causes a CSRF vulnerability...
Cross site request forgery (csrf)
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of comtemplates causes a CSRF vulnerability...
CVE-2020-8420
CVE-2020-8420 affects Joomla! up to version 3.9.14 (before 3.9.15). The issue is a CSRF vulnerability caused by a missing CSRF token check in the LESS compiler of com_templates. The provided connected documents confirm the vulnerable component and root cause but do not provide exploit details or ...
CVE-2020-8420
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of comtemplates causes a CSRF vulnerability...
PT-2020-20125 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.15 Description: A missing CSRF token check in the LESS compiler of com templates causes a CSRF issue. This allows for potential exploitation. Recommendations: For versions prior to 3.9.15, update to version 3.9.1...