1884 matches found
Privacy Policy Genius - Cross-Site Scripting
Privacy Policy Genius WordPress plugin v2.0.4 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13219...
EUVD-2026-33319
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.3, the workflow telemetry sanitizer could retain partial fragments of URL-shaped node parameters before sending workflow data to the project's anonymous telemetry...
How Microsoft builds privacy and security to work hand-in-hand
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
CVE-2024-34586
Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy...
EUVD-2025-37408
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...
CVE-2025-11816
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...
CVE-2025-11816
CVE-2025-11816 concerns the WP Legal Pages (Privacy Policy Generator, Terms & Conditions Generator) WordPress plugin. Wordfence reports that all versions up to and including 3.5.1 are vulnerable due to a missing capability check in disconnect_account_request(), enabling unauthenticated attackers ...
CVE-2025-11816 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...
PT-2025-44696
Name of the Vulnerable Software and Affected Versions WP Legal Pages versions prior to 3.5.2 Description The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin: WP Legal Pages is susceptible to unauthorized data modification. This is due to a missing capability check within t...
CVE-2025-52743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik-privacy-policy oik-privacy-policy allows Reflected XSS.This issue affects oik-privacy-policy: from n/a through = 1.4.10...
EUVD-2025-35488
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik-privacy-policy oik-privacy-policy allows Reflected XSS.This issue affects oik-privacy-policy: from n/a through = 1.4.9...
CVE-2025-52743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik-privacy-policy oik-privacy-policy allows Reflected XSS.This issue affects oik-privacy-policy: from n/a through = 1.4.10...
CVE-2025-52743 WordPress oik-privacy-policy plugin <= 1.4.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik-privacy-policy oik-privacy-policy allows Reflected XSS.This issue affects oik-privacy-policy: from n/a through = 1.4.10...
CVE-2025-52743 WordPress oik-privacy-policy plugin <= 1.4.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik-privacy-policy oik-privacy-policy allows Reflected XSS.This issue affects oik-privacy-policy: from n/a through = 1.4.10...
CVE-2025-52743
CVE-2025-52743 describes a Reflected XSS in the WordPress plugin oik-privacy-policy (bobbingwide) with vulnerable versions up to 1.4.9 per the CVE/NVD/Red Hat entries. Public sources also indicate a remediation path: update to a version greater than 1.4.9 (PatchStack references 1.4.10 and beyond)...
WordPress plugin oik-privacy-policy 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-43234
Name of the Vulnerable Software and Affected Versions bobbingwide oik-privacy-policy versions through 1.4.9 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-site Scripting condition. This allows for the...
EUVD-2021-12018
Malware in sbrugna...
EUVD-2023-51919
Malicious code in bioql PyPI...
EUVD-2024-51438
Malicious code in bioql PyPI...