2 matches found
WordPress Chat Bubble Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)
Software Chat Bubble Type Plugin Vulnerable versions = 2.3 Fixed in 2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0898 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 32320d8c2073 Credits Dipak Panchal th3.d1p4k Required...
GHSA-QCX4-GFH8-W5P5 Blogifier does not properly restrict APIs
Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. in a pathname. The issue is patched in the 2.4 branch, but 2.5.5 is the lowest available patched version on https://www.nuget.org/packages/Blogifier.Core...