7 matches found
EUVD-2022-50197
Malicious code in bioql PyPI...
CVE-2022-47435
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Olive Design WP-OliveCart plugin = 1.1.3 versions...
CVE-2022-47435
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Olive Design WP-OliveCart plugin = 1.1.3 versions...
CVE-2022-47435
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Olive Design WP-OliveCart plugin = 1.1.3 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Olive Design WP-OliveCart plugin = 1.1.3 versions...
CVE-2022-47435
CVE-2022-47435 affects WordPress plugin WP-OliveCart (Olive Design) ≤ 1.1.3. The flaw is a Stored XSS requiring admin privileges (admin+) and user interaction, with network attack vector and changed scope. Root cause per sources is inadequate sanitization/escaping of settings, enabling admins to ...
JVN#12124922: WEB SCHEDULE vulnerable to cross-site scripting
WEB SCHEDULE provided by Olive Design contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing the month parameter. Impact An artbitrary script may be executed on the user's web browser. Solution Do not use WEB SCHEDULE WEB SCHEDULE is no longer being developed or...