21 matches found
WordPress Best Books <=2.6.3 - SQL Injection
WordPress Best Books plugin through 2.6.3 is susceptible to SQL injection. The plugin does not sanitize and escape some parameters before using them in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrativ...
EUVD-2023-46153
Malicious code in bioql PyPI...
EUVD-2025-30572
Malicious code in bioql PyPI...
EUVD-2023-41819
Malicious code in bioql PyPI...
CVE-2025-58261
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection mavis-https-to-http-redirect allows Stored XSS.This issue affects Mavis HTTPS to HTTP Redirection: from n/a through = 1.4.3...
CVE-2025-58261
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection mavis-https-to-http-redirect allows Stored XSS.This issue affects Mavis HTTPS to HTTP Redirection: from n/a through = 1.4.3...
WordPress plugin PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
PT-2025-38924
Name of the Vulnerable Software and Affected Versions PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection versions through 1.4.3 Description A Cross-Site Request Forgery CSRF issue exists in PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection, which also allows Stored Cross-Site...
CVE-2023-41661
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-37992
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-37992
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-37992
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-37992 WordPress Smarty for WordPress Plugin <= 3.1.35 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-37992
CVE-2023-37992 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the Smarty for WordPress plugin from PressPage Entertainment Inc. The affected range is plugin versions
PT-2023-26237 · Presspage Entertainment Inc. · Smarty
Name of the Vulnerable Software and Affected Versions: PressPage Entertainment Inc. Smarty for WordPress plugin versions 3.1.35 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into...
CVE-2023-41661
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-41661
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin = 3.1.35 versions...
CVE-2023-41661
CVE-2023-41661 : Authenticated (admin+) Stored Cross-Site Scripting in the Smarty for WordPress plugin (WordPress) version <= 3.1.35. The underlying issue is an XSS flaw in the plugin when an admin injects payloads that are stored and later rendered to users, enabling a stored XSS vector. Impa...