59 matches found
EUVD-2026-39931
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menutitle' and 'menumagnifiercolor' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for...
EUVD-2018-16025
Malware in sbrugna...
EUVD-2022-49513
Malicious code in bioql PyPI...
EUVD-2024-45639
Malicious code in bioql PyPI...
CVE-2024-51840
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through = 1.0...
MAL-2025-1087 Malicious code in cs-magnifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d412de7658e93719fd412b6f30d39270ed6190482deb65c00aaf002f96fe7e2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cs-magnifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d412de7658e93719fd412b6f30d39270ed6190482deb65c00aaf002f96fe7e2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-51840
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through = 1.0...
CVE-2024-51840 WordPress Wd-image-magnifier-xoss plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rezaul haque Wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through 1.0...
CVE-2024-51840
CVE-2024-51840 is a DOM-based XSS in the WordPress plugin Wd-image-magnifier-xoss by Rezaul Haque, affecting versions “from n/a through 1.0.” The description cites “Improper Neutralization of Input During Web Page Generation,” indicating that unsafe input handling in page rendering enables cross-...
CVE-2024-51840 WordPress Wd-image-magnifier-xoss plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through = 1.0...
WordPress plugin Wd-image-magnifier-xoss 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Wd-image-magnifier-xoss plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Wd-image-magnifier-xoss versions = 1.0...
WordPress Wd-image-magnifier-xoss Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Wd-image-magnifier-xoss Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51840 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c2adb78229c9 Credits SOPROBRO Required privilege...
SUSE-SU-2024:1499-2 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...
The vulnerability of the `BaproductzoommagnifierZoomModuleFrontController::run()` method in the Best Zoom Magnifier Effect module – BAZoom Magnifier, a open-source e-commerce web application for PrestaShop. This vulnerability allows an attacker to elevate their privileges and gain access to read, modify, or delete data.
The vulnerability of the BaproductzoommagnifierZoomModuleFrontController::run method in the Best Zoom Magnifier Effect – BAZoom Magnifier web application for e-commerce with open-source PrestaShop is related to the lack of protective measures for the SQL query structure. Exploiting this...
CVE-2023-50027
SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run method...
PT-2023-9164 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop Buy Addons baproductzoommagnifier module versions 1.0.16 and before Description: The issue is related to a lack of protection against SQL structure attacks in the BaproductzoommagnifierZoomModuleFrontController::run method of the...
CVE-2022-46724
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...
CVE-2022-46724
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...