16 matches found
EUVD-2024-45895
Malicious code in bioql PyPI...
CVE-2023-0644
The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-52408
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
CVE-2024-52408
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
CVE-2024-52408
CVE-2024-52408 : The Push Notifications for WordPress by PushAssist plugin has an unrestricted file upload vulnerability (dangerous file type) that allows uploading a web shell to the web server. Affected versions are listed as 3.0.8 and earlier (n/a through 3.0.8). The entry is corroborated by R...
CVE-2024-52408 WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in pushassist Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through = 3.0.8...
PT-2024-35247 · Pushassist · Push Notifications For Wordpress
Name of the Vulnerable Software and Affected Versions: Push Notifications for WordPress by PushAssist versions 3.0.8 and earlier Description: The issue allows users to upload a web shell to a web server due to an unrestricted upload of file with dangerous type vulnerability. This enables arbitrar...
WordPress plugin Push Notifications for WordPress by PushAssist 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue exists in the WordPress plugin...
WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Push Notifications for WordPress by PushAssist versions = 3.0.8...
WordPress Push Notifications for WordPress by PushAssist Plugin <= 3.0.8 is vulnerable to Arbitrary File Upload
Software Push Notifications for WordPress by PushAssist Type Plugin Vulnerable versions = 3.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52408 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 1a2483f66c15 Credits...
CVE-2023-0644
The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-0644
The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-0644 PushAssist <= 3.0.8 - Reflected Cross-Site Scripting
The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Push Notifications for WordPress by PushAssist 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-16421 · Pushassist · Push Notifications For Wordpress
Name of the Vulnerable Software and Affected Versions: Push Notifications for WordPress by PushAssist WordPress plugin versions 3.0.8 and earlier Description: The issue is related to Reflected Cross-Site Scripting, which occurs because the plugin does not properly sanitise and escape various...
WordPress Push Notifications for WordPress by PushAssist Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)
Software Push Notifications for WordPress by PushAssist Type Plugin Vulnerable versions = 3.0.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0644 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 943120492720...