EUVD-2024-34283

Malicious code in bioql PyPI...

CVE-2024-11877

The Cricket Live Score plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cricketscore' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11877 Cricket Live Score <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Cricket Live Score plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cricketscore' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11877 Cricket Live Score <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Cricket Live Score plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cricketscore' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2024-17313 · WordPress · Cricket Live Score

Name of the Vulnerable Software and Affected Versions: Cricket Live Score plugin for WordPress versions prior to 2.0.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'cricket score' shortcode due to insufficient input sanitization and output escaping on...

WordPress plugin Cricket Live Score 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

WordPress Cricket Live Score plugin <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by yudha in WordPress Plugin Cricket Live Score versions = 2.0.2...

CVE-2023-47654

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in livescore.Bz BZScore – Live Score plugin = 1.03 versions...

CVE-2023-47654

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in livescore.Bz BZScore – Live Score plugin = 1.03 versions...

CVE-2023-47654

CVE-2023-47654 affects the WordPress plugin BZScore – Live Score (BZScore – Live Score) up to version 1.03. It is an authenticated Stored Cross-Site Scripting (XSS) via shortcode with contributor-level permissions. The issue’s root cause is insufficient input sanitization/output escaping for user...

CVE-2023-47654 WordPress BZScore – Live Score Plugin <= 1.03 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in livescore.Bz BZScore – Live Score plugin = 1.03 versions...

WordPress Plugin BZScore - Live Score Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin BZScore - Live Score has a...

WordPress BZScore – Live Score Plugin <= 1.03 is vulnerable to Cross Site Scripting (XSS)

Software BZScore – Live Score Type Plugin Vulnerable versions = 1.03 Fixed in 1.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47654 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 846b30ac50cf Credits yuyudhn Required...

live-score-app.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1066373 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting live-score-app.com website...