57 matches found
CVE-2021-47982
WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...
CVE-2021-47982
WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...
CVE-2021-47982 WordPress Plugin WP-Paginate 2.1.3 Stored XSS via preset
WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...
CVE-2021-47982
Summary: CVE-2021-47982 affects WordPress plugin WP-Paginate 2.1.3 with a stored XSS via the preset parameter. Authenticated attackers can submit payloads in the preset field through the plugin settings page; payloads are stored and later executed when administrators view the settings. The record...
EUVD-2021-34848
WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...
ROOT-APP-NPM-CVE-2025-25288 CVE-2025-25288 in @rootio/octokit__plugin-paginate-rest - Patched by Root
Root has patched CVE-2025-25288 in the @rootio/octokitplugin-paginate-rest package for Root:npm. Multiple fixed versions available...
EUVD-2021-0864
Malware in sbrugna...
EUVD-2021-34080
Malicious code in bioql PyPI...
CVE-2022-2050
The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfilteredhtml is disallowed...
CVE-2020-27543
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
@octokit/plugin-paginate-rest has a Regular Expression in iterator Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Summary For the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator, a specially crafted octokit instance—particularly with a malicious link parameter in the headers section of the request—can trigger a ReDoS attack. Details The issue occurs at line 39 of iterator.ts...
PT-2025-7071
Name of the Vulnerable Software and Affected Versions: @octokit/plugin-paginate-rest versions 1.0.0 through 11.4.1 Description: The issue is a Regular Expression Denial of Service ReDoS vulnerability that can be triggered when calling octokit.paginate.iterator with a specially crafted octokit...
Malicious code in alphabetical-paginate (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in alphabetical-paginate_uk (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6593 Malicious code in alphabetical-paginate (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6592 Malicious code in alphabetic-paginate (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in alphabetic-paginate (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
GHSA-H374-MM57-879C Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)
Summary The OrderAndPaginate function is used to order and paginate data. It is defined as follows: go func OrderAndPaginatec gin.Context funcdb gorm.DB gorm.DB return funcdb gorm.DB gorm.DB sort := c.DefaultQuery"order", "desc" order := fmt.Sprintf"%s %s", DefaultQueryc, "sortby", "id", sort db ...
WordPress WP-Paginate plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2022-2050
The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfilteredhtml is disallowed...