7 matches found
EUVD-2022-15752
Malicious code in bioql PyPI...
WordPress Sync QCloud COS plugin cross-site scripting vulnerability
WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Sync QCloud COS plugin version prior to 2.0.1 contains a cross-site scripting vulnerability that stems from the plugin's failure to escape so...
CVE-2022-0659
The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0659
The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Cross site scripting
The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0659 Sync iCloud COS < 2.0.1 - Admin+ Stored Cross-Site Scripting
The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress Sync QCloud COS plugin <= 2.0.0 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by fuzzyap1 in WordPress Sync QCloud COS plugin versions = 2.0.0. Solution Update the WordPress Sync QCloud COS plugin to the latest available version at least 2.0.1...