EUVD-2024-29159

Malicious code in bioql PyPI...

EUVD-2023-55562

Malicious code in bioql PyPI...

CVE-2024-31263

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

CVE-2023-50829

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3...

CVE-2024-31263

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

CVE-2024-31263 WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

CVE-2024-31263 WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

WordPress Plugin Loan Repayment Calculator and Application Form 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists ...

PT-2024-23907 · Unknown · Aerin Loan Repayment Calculator/Application Form

Name of the Vulnerable Software and Affected Versions: aerin Loan Repayment Calculator and Application Form versions 2.9.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...

WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Skalucy Patchstack Alliance in WordPress Plugin Quick Interest Slider versions = 2.9.4...

WordPress Loan Repayment Calculator and Application Form Plugin <= 2.9.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Loan Repayment Calculator and Application Form Type Plugin Vulnerable versions = 2.9.4 Fixed in 2.9.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31263 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID...

CVE-2023-50829

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3...

CVE-2023-50829 WordPress Loan Repayment Calculator and Application Form Plugin <= 2.9.3 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3...

CVE-2023-50829

CVE-2023-50829 is an authenticated-admin stored XSS vulnerability in the Loan Repayment Calculator and Application Form (plugin slug quick-interest-slider). The issue affects the plugin versions from n/a up to and including 2.9.3 and is described as improper neutralization of input during web pag...

CVE-2023-50829 WordPress Loan Repayment Calculator and Application Form Plugin <= 2.9.3 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3...

WordPress plugin Loan Repayment Calculator and Application Form Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Loan Repayment Calculator and Application Form Plugin <= 2.9.3 is vulnerable to Cross Site Scripting (XSS)

Software Loan Repayment Calculator and Application Form Type Plugin Vulnerable versions = 2.9.3 Fixed in 2.9.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50829 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5f5a8e271e7e Credits DoYeon...

Particle Exchange can be used to swap NFTs within the collection for free

Lines of code Vulnerability details Particle Exchange can be used to swap NFTs within the collection for free Impact In Particle, a borrower can take an NFT as a loan and close it using another NTF within the same collection. This is present in the different functions that can be used to repay a...

Attacker can use buyNftFromMarket() to buy an NFT from an arbitrary collection

Lines of code Vulnerability details Impact The function buyNftFromMarket allows a borrower to buy an NFT from the same collection to repay a loan. At the end of the function flow, it checks that the contract actually holds the NFT tokenId and assumes that it is the acquired NFT. However, this is...