EUVD-2022-40678

Malicious code in bioql PyPI...

EUVD-2022-45084

Malicious code in bioql PyPI...

WordPress Mantenimiento Web Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Mantenimiento Web 0.13 and earlier versions are vulnerable to cross-site request forgery,...

CVE-2022-38075

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Mantenimiento web plugin = 0.13 on WordPress...

CVE-2022-38075

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Mantenimiento web plugin = 0.13 on WordPress...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Mantenimiento web plugin = 0.13 on WordPress...

CVE-2022-38075

CVE-2022-38075 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “Mantenimiento web”

CVE-2022-38075 WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Mantenimiento web plugin = 0.13 on WordPress...

WordPress plugin Mantenimiento Web 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Mantenimiento Web 0.13 and earlier versions are vulnerable to cross-site request forgery,...

PT-2022-24188 · WordPress · Mantenimiento Web Plugin

Name of the Vulnerable Software and Affected Versions: Mantenimiento web plugin versions = 0.13 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that leads to Stored Cross-Site Scripting XSS. This means an attacker can trick a user into performing unintended actions on a...

CVE-2022-41980

Auth. admin+ Cross-Site Scripting XSS vulnerability in Mantenimiento web plugin = 0.13 on WordPress...

CVE-2022-41980

Auth. admin+ Cross-Site Scripting XSS vulnerability in Mantenimiento web plugin = 0.13 on WordPress...

Cross site scripting

Auth. admin+ Cross-Site Scripting XSS vulnerability in Mantenimiento web plugin = 0.13 on WordPress...

CVE-2022-41980 WordPress Mantenimiento web plugin <= 0.13 - Auth. Cross-Site Scripting (XSS) vulnerability

Auth. admin+ Cross-Site Scripting XSS vulnerability in Mantenimiento web plugin = 0.13 on WordPress...

CVE-2022-41980

The CVE-2022-41980 entry concerns the WordPress Mantenimiento web plugin, versions ≤ 0.13, where authenticated attackers with admin+ privileges can trigger Cross‑Site Scripting (XSS). Multiple sources describe the issue as an XSS vulnerability arising from unsanitized/uncleaned plugin settings, p...

WordPress plugin Mantenimiento Web 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2022-26198 · Unknown · Mantenimiento Web Plugin

Name of the Vulnerable Software and Affected Versions: Mantenimiento web plugin versions = 0.13 Description: The issue is related to an authenticated Cross-Site Scripting XSS vulnerability. This means that an attacker who has admin or higher privileges can inject malicious scripts into the websit...

CVE-2022-38075

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Mantenimiento web plugin = 0.13 on WordPress...

WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Rasi Afeef Patchstack Alliance in the WordPress Mantenimiento web plugin versions = 0.13. Solution Update the WordPress Mantenimiento web plugin to the latest available version at least 0.14...

Mantenimiento web < 0.14 - Stored XSS via CSRF

The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...