WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by ParkHyunWoo in WordPress Plugin RD Station versions = 5.6.0...

EUVD-2022-40741

Malicious code in bioql PyPI...

EUVD-2024-47883

Malicious code in bioql PyPI...

CVE-2024-6894

The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-6894 RD Station <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-6894 RD Station <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-6894

RD Station plugin for WordPress ≤ 5.3.2 is affected by a Stored Cross-Site Scripting (XSS) vulnerability caused by insufficient input sanitization and output escaping of post metaboxes. This allows authenticated attackers with Contributor+ privileges to inject arbitrary scripts that execute when ...

WordPress RD Station plugin <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin RD Station versions = 5.3.2...

WordPress plugin RD Station 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress RD Station Plugin <= 5.3.2 is vulnerable to Cross Site Scripting (XSS)

Software RD Station Type Plugin Vulnerable versions = 5.3.2 Fixed in 5.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6894 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 32a1d7bae015 Credits Webbernaut Required privilege...

PT-2024-37935 · WordPress · Rd Station Plugin

Name of the Vulnerable Software and Affected Versions: RD Station plugin for WordPress versions up to, and including, 5.3.2 Description: The RD Station plugin for WordPress has a Stored Cross-Site Scripting issue due to insufficient input sanitization and output escaping of post metaboxes added b...

CVE-2022-38139

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

CVE-2022-38139

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

Cross site request forgery (csrf)

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

CVE-2022-38139

The CVE-2022-38139 entry refers to multiple CSRF vulnerabilities in the WordPress RD Station plugin, affected versions 5.2.0 and earlier. Technical details from connected sources indicate the issue stems from missing CSRF checks in various parts of the plugin, enabling potential unauthorized acti...

CVE-2022-38139 WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities in RD Station plugin = 5.2.0 at WordPress...

PT-2022-24231 · WordPress · Rd Station Plugin

Name of the Vulnerable Software and Affected Versions: RD Station plugin versions 5.1.3 through 5.2.0 Description: The issue concerns multiple Cross-Site Request Forgery CSRF vulnerabilities. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web...

WordPress plugin RD Station 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Rasi Afeef Patchstack Alliance in the WordPress RD Station plugin versions = 5.2.0. Solution Update the WordPress RD Station plugin to the latest available version at least 5.2.1...

RD Station < 5.2.1 - Multiple CSRF

The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...