CVE-2020-36875

AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the loginerror parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web...

CVE-2020-36875

AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the loginerror parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web...

CVE-2020-36875 AccessAlly < 3.3.2 Unauthenticated Arbitrary PHP Code Execution

AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the loginerror parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web...

CVE-2020-36875 AccessAlly < 3.3.2 Unauthenticated Arbitrary PHP Code Execution

AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the loginerror parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web...

EUVD-2023-49238

Malicious code in bioql PyPI...

CVE-2023-44915

A cross-site scripting XSS vulnerability in the component /Login.php of c3crm up to v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the loginerror parameter...

c3crm 跨站脚本漏洞

c3crm is a CRM software by dfar2008 individual developer. A security vulnerability exists in c3crm 3.0.4 and earlier versions, which stems from an unvalidated input of the loginerror parameter in the component/Login.php, which could lead to a cross-site scripting attack...