6 matches found
CVE-2026-57534 Stored XSS in pretix-pages
Malicious HTML content could be injected into the content of a page in the pretix-pages plugin...
CVE-2026-57534
Summary: CVE-2026-57534 affects the pretix-pages plugin, where malicious HTML content can be injected into a page’s content, causing a stored XSS condition. The root cause is described as unsafe handling of page content within the plugin; exploitation details are not provided beyond the stored-XS...
EUVD-2021-34210
Malicious code in bioql PyPI...
CVE-2021-4383
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...
Design/Logic Flaw
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...
CVE-2021-4383
CVE-2021-4383 affects the WP Quick FrontEnd Editor plugin for WordPress. Technical details in the connected documents show a vulnerability in page-editing due to missing capability checks, making it possible for low-authenticated users (e.g., subscribers) to edit or create any page or post on sit...