EUVD-2024-36737

Malicious code in bioql PyPI...

CVE-2024-37536

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...

CVE-2024-37536

CVE-2024-37536 is a stored XSS vulnerability in the WordPress plugin Easy Custom Code (Live editing) affecting 1.0.8 and earlier. Exploitation involves the plugin’s Live editing feature, allowing stored XSS without relying on external vectors; remediation is to update to a version later than 1.0....

PT-2024-27634 · Web357 · Web357 Easy Custom Code

Name of the Vulnerable Software and Affected Versions: Web357 Easy Custom Code LESS/CSS/JS – Live editing versions 1.0.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

WordPress Easy Custom Code (LESS/CSS/JS) Plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Easy Custom Code LESS/CSS/JS – Live editing versions = 1.0.8...