20 matches found
EUVD-2019-7541
Malware in sbrugna...
EUVD-2023-31624
Malicious code in bioql PyPI...
CVE-2023-27889
Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...
CVE-2019-17070
The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...
CVE-2023-27889
Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...
CVE-2023-27889
Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...
CVE-2023-27889
CVE-2023-27889 — LIQUID SPEECH BALLOON plugin : A CSRF vulnerability affecting WordPress plugin versions prior to 1.2. The issue allows a remote unauthenticated attacker to hijack a user’s session and perform unintended operations by forcing the user to view a malicious page. A fix exists in vers...
PT-2023-21395 · Unknown · Liquid Speech Balloon
Name of the Vulnerable Software and Affected Versions: LIQUID SPEECH BALLOON versions prior to 1.2 Description: A cross-site request forgery CSRF issue allows a remote unauthenticated attacker to hijack the authentication of a user and perform unintended operations by having a user view a malicio...
CVE-2023-27889
Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...
WordPress LIQUID SPEECH BALLOON Plugin < 1.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software LIQUID SPEECH BALLOON Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27889 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b1811e420432 Credits Ryo Sato of BroadBa...
WordPress plugin "LIQUID SPEECH BALLOON" vulnerable to cross-site request forgery
Overview WordPress plugin "LIQUID SPEECH BALLOON" provided by LIQUID DESIGN Ltd. contains a cross-site request forgery vulnerability CWE-352. Ryo Sato of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#99657911: WordPress plugin "LIQUID SPEECH BALLOON” vulnerable to cross-site request forgery
WordPress plugin "LIQUID SPEECH BALLOON” provided by LIQUID DESIGN Ltd. contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Update the Software to the latest...
WordPress plugin LIQUID SPEECH BALLOON 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress liquid-speech-balloon plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. liquid-speech-balloon is a visual editor plugin used in it. A cross-site scripting vulnerability exists in the WordPress...
CVE-2019-17070
The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...
CVE-2019-17070
The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...
Design/Logic Flaw
The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...
CVE-2019-17070
CVE-2019-17070 affects the WordPress plugin liquid-speech-balloon (aka LIQUID SPEECH BALLOON) prior to version 1.0.7. The available documents describe a cross-site scripting (XSS) vulnerability (specifically with Internet Explorer) in this plugin. The root cause and specific vulnerable component/...
CVE-2019-17070
The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...