EUVD-2023-35536

Malicious code in bioql PyPI...

PDQ CSV <= 1.0.0 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...

CVE-2023-31221

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...

CVE-2023-31221

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...

CVE-2023-31221 WordPress PDQ CSV Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...

WordPress plugin pdq-csv cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress PDQ CSV Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software PDQ CSV Type Plugin Vulnerable versions = 1.0.0 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31221 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b3e5499669cc Credits Gaurav Bhosale Required privile...