19 matches found
EUVD-2024-53981
Malicious code in bioql PyPI...
CVE-2022-3921
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...
CVE-2024-13815
The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13815
The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13815
CVE-2024-13815 concerns the Listingo WordPress theme (
CVE-2024-13815 Listingo - Business Listing and Directory WordPress Theme <= 3.2.7 - Unauthenticated Arbitrary Shortcode Execution
The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13815 Listingo - Business Listing and Directory WordPress Theme <= 3.2.7 - Unauthenticated Arbitrary Shortcode Execution
The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
WordPress plugin Listingo 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
WordPress Listingo plugin <= 3.2.7 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Lucio Sá in WordPress Theme Listingo versions = 3.2.7...
CVE-2022-3921
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...
CVE-2022-3921
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...
Design/Logic Flaw
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...
CVE-2022-3921 Listingo < 3.2.7 - Unauthenticated Arbitrary File Upload
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...
CVE-2022-3921
CVE-2022-3921 affects the Listingo WordPress theme prior to version 3.2.7. The vulnerability arises because an AJAX upload action is accessible to unauthenticated users and does not validate uploaded files, permitting arbitrary file uploads and potentially remote code execution (RCE). Public writ...
CVE-2022-3921 Listingo < 3.2.7 - Unauthenticated Arbitrary File Upload
The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...
WordPress theme Listingo 代码问题漏洞
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A code issue vulnerability exists in WordPress theme Listingo versions prior to 3.2.7 that stems from not...
PT-2022-24810 · WordPress · Listingo
Name of the Vulnerable Software and Affected Versions: Listingo WordPress theme versions prior to 3.2.7 Description: The issue concerns the lack of file validation for uploads via an AJAX action that is accessible to unauthenticated users. This could allow attackers to upload arbitrary files,...
Listingo < 3.2.7 - Unauthenticated Arbitrary File Upload
The theme does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE Listingo Unauthenticated File Upload Upload a File: The response give the path to the file uploaded:...
Listingo < 3.2.7 - Unauthenticated Arbitrary File Upload
The theme does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE PoC Upload a File: The response give the path to the file uploaded:...