16 matches found
EUVD-2024-42567
Malicious code in bioql PyPI...
EUVD-2023-56865
Malicious code in bioql PyPI...
CVE-2024-13725
The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those...
CVE-2024-13725 Keap Official Opt-in Forms <= 2.0.1 - Unauthenticated Limited Local File Inclusion
The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those...
CVE-2024-47642
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms infusionsoft-official-opt-in-forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through = 2.0.3...
CVE-2024-47642 WordPress Keap Official Opt-in Forms plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms infusionsoft-official-opt-in-forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through = 2.0.3...
WordPress plugin Keap Official Opt-in Forms 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...
WordPress Keap Official Opt-in Forms Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Keap Official Opt-in Forms Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47642 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bd939afd94d0 Credits stealthcopter Required...
CVE-2023-52192
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11...
CVE-2023-52192 WordPress Keap Official Opt-in Forms Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11...
CVE-2023-52192
CVE-2023-52192: Keap Official Opt-in Forms for WordPress is vulnerable to Stored Cross-Site Scripting due to improper input neutralization. Affected are Keap Official Opt-in Forms up to version 1.0.11 (and related notes indicate the issue may persist in older builds). The vulnerability stems from...
Cross site scripting
The Keap Official Opt-in Forms WordPress plugin through 1.0.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite set...
CVE-2023-6941
The CVE concerns the Keap Official Opt-in Forms WordPress plugin, affected versions 1.0.11 and earlier. The vulnerability is Admin+ Stored XSS caused by insufficient sanitisation/escaping of settings (e.g., Opt in title, message, success text), which can execute scripts in the context of high-pri...
WordPress Keap Official Opt-in Forms Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Keap Official Opt-in Forms Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-52192 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 43abbc32aaec Credits Ngô Thiên An ancorn from...
Keap Official Opt-in Forms <= 1.0.11 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup. PoC 1. Store the script in...