5 matches found
EUVD-2025-24217
Malicious code in bioql PyPI...
CVE-2025-8314 Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter
The Software Issue Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccessmsg parameter in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-8314 Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter
The Software Issue Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccessmsg parameter in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT-2025-32624 · WordPress · Software Issue Manager
Name of the Vulnerable Software and Affected Versions: Software Issue Manager plugin for WordPress versions up to and including 5.0.1 Description: The Software Issue Manager plugin for WordPress is susceptible to Stored Cross-Site Scripting through the noaccess msg parameter due to insufficient...
Login to Another User with Su on Linux / Unix Systems
This module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is created via the specified payload. Because su forces passwords to be passed over stdin, this module attempts to invoke a psuedo-terminal wit...