61 matches found
WordPress Search Exclude plugin <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability
Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Search Exclude versions = 2.4.9...
EUVD-2006-0378
Malware in sbrugna...
EUVD-2007-2565
Malware in sbrugna...
EUVD-2023-29046
Malicious code in bioql PyPI...
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years
Noah Michael Urban, the 20-year-old hacker from the notorious Scattered Spider group, was sentenced to 10 years in…...
Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft
A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts. Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity...
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
A 20-year-old Florida man at the center of a prolific cybercrime group known as "Scattered Spider " was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of Palm Coast, Fla. pleaded guilty in April 2025 to charges o...
CVE-2024-30548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a through 1.21...
CVE-2024-24865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS.This issue affects Scroll Triggered Box: from n/a through 2.3...
WordPress Hash Form plugin <= 1.2.1 - Missing Authorization to Authenticated (Contributor+) Form Style Creation vulnerability
Missing Authorization to Authenticated Contributor+ Form Style Creation vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Hash Form versions = 1.2.1...
WordPress WP Travel Engine plugin <= 6.2.1 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Update vulnerability
Missing Authorization to Authenticated Contributor+ Plugin Settings Update vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin WP Travel Engine versions = 6.2.1...
WordPress DearFlip plugin <= 2.3.32 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin DearFlip versions = 2.3.32...
WordPress Wordpress Photo Album Plus plugin <= 8.8.05.003 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin WP Photo Album Plus versions = 8.8.05.003...
WordPress WP Photo Album Plus Plugin <= 8.8.05.003 is vulnerable to Cross Site Scripting (XSS)
Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.8.05.003 Fixed in 8.8.07.004 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9951 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 361cb23fe9c7 Credits Noah...
CVE-2024-30548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a through 1.21...
CVE-2024-30548
CVE-2024-30548 affects the WordPress plugin underConstruction (Noah Kagan) with a Stored XSS flaw due to improper input neutralization during web page generation. Affected range is from n/a up to version 1.21. The provided documents explicitly name the vulnerability class and the product, but do ...
CVE-2024-30548 WordPress underConstruction plugin <= 1.21 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a through 1.21...
CVE-2024-24865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS.This issue affects Scroll Triggered Box: from n/a through 2.3...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS.This issue affects Scroll Triggered Box: from n/a through 2.3...
CVE-2024-24865
CVE-2024-24865 affects the DreamGrow Scroll Triggered Box WordPress plugin. It is a Cross-Site Scripting (XSS) vulnerability due to improper neutralization of input during web page generation, allowing stored XSS in Scroll Triggered Box