23 matches found
WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Internal Link Juicer: SEO Auto Linker for WordPress versions = 2.24.6...
EUVD-2024-16449
Malicious code in bioql PyPI...
EUVD-2024-36898
Malicious code in bioql PyPI...
CVE-2024-37941
Cross-Site Request Forgery CSRF vulnerability in Internal Link Juicer Internal Link Juicer: SEO Auto Linker for WordPress.This issue affects Internal Link Juicer: SEO Auto Linker for WordPress: from n/a through 2.24.3...
CVE-2024-0657
The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as 'iljsettingsfieldlinksperpage' in all versions up to, and including, 2.23.4 due to insufficient input sanitization and output escaping. This makes i...
CVE-2024-37941
Cross-Site Request Forgery CSRF vulnerability in Internal Link Juicer Internal Link Juicer: SEO Auto Linker for WordPress.This issue affects Internal Link Juicer: SEO Auto Linker for WordPress: from n/a through 2.24.3...
CVE-2024-37941 WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Internal Link Juicer Internal Link Juicer: SEO Auto Linker for WordPress.This issue affects Internal Link Juicer: SEO Auto Linker for WordPress: from n/a through 2.24.3...
CVE-2024-37941 WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Internal Link Juicer Internal Link Juicer: SEO Auto Linker for WordPress.This issue affects Internal Link Juicer: SEO Auto Linker for WordPress: from n/a through 2.24.3...
CVE-2024-37941
CVE-2024-37941 is a CSRF vulnerability in the Internal Link Juicer: SEO Auto Linker for WordPress plugin, affecting the 2.24.3 release and earlier. The CVSS v3.1 base score is 4.3 (Medium). Public exploit details are not provided in the connected documents; remediation would be upgrading to 2.24....
WordPress plugin Internal Link Juicer security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Internal Link Juicer: SEO Auto Linker for WordPress versions = 2.24.3...
WordPress Internal Link Juicer: SEO Auto Linker for WordPress Plugin <= 2.24.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Internal Link Juicer: SEO Auto Linker for WordPress Type Plugin Vulnerable versions = 2.24.3 Fixed in 2.24.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37941 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
WordPress Internal Link Juicer: SEO Auto Linker for WordPress Plugin <= 2.23.4 is vulnerable to Cross Site Scripting (XSS)
Software Internal Link Juicer: SEO Auto Linker for WordPress Type Plugin Vulnerable versions = 2.23.4 Fixed in 2.23.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0657 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID...
CVE-2024-0657
The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as 'iljsettingsfieldlinksperpage' in all versions up to, and including, 2.23.4 due to insufficient input sanitization and output escaping. This makes i...
Cross site scripting
The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as 'iljsettingsfieldlinksperpage' in all versions up to, and including, 2.23.4 due to insufficient input sanitization and output escaping. This makes i...
CVE-2024-0657 Internal Link Juicer <= 2.23.4 - Authenticated (Admin+) Stored Cross-Site Scripting
The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as 'iljsettingsfieldlinksperpage' in all versions up to, and including, 2.23.4 due to insufficient input sanitization and output escaping. This makes i...
CVE-2024-0657
CVE-2024-0657 affects the Internal Link Juicer (WordPress) where Stored XSS can be injected via admin settings (e.g., ilj_settings_field_links_per_page) in all versions up to 2.23.4 due to insufficient input sanitization/output escaping. Attackers with administrator privileges can execute scripts...
WordPress Plugin Internal Link Juicer: SEO Auto Linker for WordPress Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2024-15724 · WordPress · The Internal Link Juicer: Seo Auto Linker
Name of the Vulnerable Software and Affected Versions: The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress versions up to, and including, 2.23.4 Description: The issue is related to Stored Cross-Site Scripting via admin settings, such as ilj settings field links per page,...
Internal Link Juicer < 2.23.5 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as 'iljsettingsfieldlinksperpage' in all versions up to, and including, 2.23.4 due to insufficient input sanitization and output escaping...