8 matches found
EUVD-2022-43496
Malicious code in bioql PyPI...
CVE-2022-40195
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in PCA Predict plugin = 1.0.3 at WordPress...
CVE-2022-40195
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in PCA Predict plugin = 1.0.3 at WordPress...
Cross site scripting
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in PCA Predict plugin = 1.0.3 at WordPress...
CVE-2022-40195
CVE-2022-40195 affects the WordPress PCA Predict plugin (versions <= 1.0.3). The vulnerability is an authenticated Stored XSS (admin+ level) due to insufficient sanitization/escaping of settings, enabling stored script execution. Evidence across sources confirms admin-priority access and the X...
CVE-2022-40195 WordPress PCA Predict plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in PCA Predict plugin = 1.0.3 at WordPress...
WordPress PCA Predict plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress PCA Predict plugin versions = 1.0.3. Solution Deactivate and delete. This plugin has been closed as of September 5, 2022 and is not available for download. This closure is temporary...
WordPress WP Predict Plugin 1.0 - Blind SQL Injection
WP Predict plugin is prone to a Blind SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...