4 matches found
EUVD-2025-6614
Malicious code in bioql PyPI...
CVE-2025-1561 AppPresser – Mobile App Framework <= 4.4.10 - Unauthenticated Stored Cross-Site Scripting
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-1561 AppPresser – Mobile App Framework <= 4.4.10 - Unauthenticated Stored Cross-Site Scripting
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-9305
CVE-2024-9305 (AppPresser – Mobile App Framework, WordPress) affects the AppPresser plugin for WordPress, up to and including version 4.4.4. The root cause is weak access controls in the password-reset flow: appp_reset_password() and validate_reset_password() allow brute-forcing an OTP to change ...