8 matches found
EUVD-2024-50981
Malicious code in bioql PyPI...
CVE-2024-12591
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wbsharesocial shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12591
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wbsharesocial shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12591
CVE-2024-12591 concerns the WordPress plugin MagicPost . A stored XSS vulnerability exists in the wb_share_social shortcode across versions up to 1.2.1, enabling authenticated attackers with contributor-level access or higher to inject scripts that execute in visitors’ browsers. The issue is caus...
CVE-2024-12591 MagicPost <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wb_share_social Shortcode
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wbsharesocial shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12591 MagicPost <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wb_share_social Shortcode
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wbsharesocial shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2024-17668 · WordPress · Magicpost
Name of the Vulnerable Software and Affected Versions: MagicPost plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's wb share social shortcode due to insufficient input sanitization and output escaping on...
WordPress MagicPost plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wb_share_social Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via wbsharesocial Shortcode vulnerability discovered by SOPROBRO in WordPress Plugin MagicPost – WordPress文章管理功能增强插件 versions = 1.2.1...