12 matches found
EUVD-2024-33543
Malicious code in bioql PyPI...
EUVD-2024-33315
Malicious code in bioql PyPI...
CVE-2024-10816
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...
CVE-2024-10881
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lunaradio' shortcode in versions up to, and including, 6.24.11.07 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-10881
The CVE: CVE-2024-10881 affects the LUNA RADIO PLAYER WordPress plugin. The vulnerability is a Stored Cross-Site Scripting via the lunaradio shortcode in versions up to and including 6.24.11.07, caused by insufficient input sanitization and output escaping on user-supplied attributes. Impact: aut...
CVE-2024-10881 LUNA RADIO PLAYER <= 6.24.11.07 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lunaradio' shortcode in versions up to, and including, 6.24.11.07 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress plugin LUNA RADIO PLAYER 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-10816
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...
CVE-2024-10816 LUNA RADIO PLAYER <= 6.24.01.24 - Unauthenticated Arbitrary File Read
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...
CVE-2024-10816
CVE-2024-10816 affects the LUNA RADIO PLAYER WordPress plugin. In versions up to 6.24.01.24, an unauthenticated attacker can read arbitrary server files via js/fallback.php (Directory Traversal). The vulnerability is documented across multiple sources; patch information shows a fix is available i...
PT-2024-16572 · WordPress · Luna Radio Player
Name of the Vulnerable Software and Affected Versions: LUNA RADIO PLAYER plugin for WordPress versions up to, and including, 6.24.01.24 Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information, via the...
WordPress plugin LUNA RADIO PLAYER 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...