229 matches found
EUVD-2023-31368
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-18655
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prayer through 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer...
CVE-2024-4462
The Nafeza Prayer Time plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2024-3407
The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-3405
The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-27632
Cross-Site Request Forgery CSRF vulnerability in mmrs151 Daily Prayer Time plugin = 2023.03.08 versions...
CVE-2023-27631
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in mmrs151 Daily Prayer Time plugin = 2023.05.04 versions...
CVE-2023-47817
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mmrs151 Daily Prayer Time plugin = 2023.10.13 versions...
CVE-2021-4412
The WP Prayer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to missing or incorrect nonce validation on the save and export functions. This makes it possible for unauthenticated attackers to save plugin settings and trigger a...
CVE-2021-24523
The Daily Prayer Time WordPress plugin before 2021.08.10 does not sanitise or escape some of its settings before outputting them in the page, leading to Authenticated Stored Cross-Site Scripting issues...
CVE-2008-0936
SQL injection vulnerability in index.php in the Prayer List prayerlist 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action...
CVE-2006-1976
Cross-site scripting XSS vulnerability in addRequest.php in Prayer Request Board PRB Beta 1 before 20060320 allows remote attackers to inject arbitrary web script or HTML via the Request field...
CVE-2025-22590
Cross-Site Request Forgery CSRF vulnerability in mmrs151 Prayer Times Anywhere prayer-times-anywhere allows Stored XSS.This issue affects Prayer Times Anywhere: from n/a through = 2.0.1...
CVE-2024-50534
Cross-Site Request Forgery CSRF vulnerability in techdabang World Prayer Time world-prayer-time allows Stored XSS.This issue affects World Prayer Time: from n/a through = 2.0...
CVE-2024-12515 Muslim Prayer Time-Salah/Iqamah <= 1.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Muslim Prayer Time-Salah/Iqamah plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Masjid ID parameter in all versions up to, and including, 1.8.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Muslim Prayer Time-Salah/Iqamah plugin <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Muslim Prayer Time-Salah/Iqamah versions = 1.8.8...
WordPress plugin Muslim Prayer Time-Salah/Iqamah 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...
PT-2025-1878 · WordPress · Muslim Prayer Time-Salah/Iqamah
Name of the Vulnerable Software and Affected Versions: The Muslim Prayer Time-Salah/Iqamah plugin for WordPress versions up to, and including, 1.8.8 Description: The issue is related to Stored Cross-Site Scripting via the Masjid ID parameter due to insufficient input sanitization and output...
CVE-2025-22590
Cross-Site Request Forgery CSRF vulnerability in mmrs151 Prayer Times Anywhere prayer-times-anywhere allows Stored XSS.This issue affects Prayer Times Anywhere: from n/a through = 2.0.1...
CVE-2025-22590 WordPress Prayer Times Anywhere plugin <= 2.0.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in mmrs151 Prayer Times Anywhere prayer-times-anywhere allows Stored XSS.This issue affects Prayer Times Anywhere: from n/a through = 2.0.1...