8 matches found
EUVD-2024-47749
Malicious code in bioql PyPI...
CVE-2024-6705
The RegLevel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2024-6705
The RegLevel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2024-6705 RegLevel <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
The RegLevel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2024-6705
CVE-2024-6705 affects the RegLevel WordPress plugin (versions up to and including 1.2.1) and enables Stored XSS via admin settings. Exploitation requires authenticated access at Administrator level or higher, and the issue specifically impacts multisite installations or sites where unfiltered_htm...
WordPress RegLevel plugin <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Artem Polynko Artem Polynko in WordPress Plugin RegLevel versions = 1.2.1...
WordPress RegLevel Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software RegLevel Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6705 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d62638c134b4 Credits Artem Polynko Artem Polynko...
PT-2024-37812 · WordPress · Reglevel
Name of the Vulnerable Software and Affected Versions: RegLevel plugin for WordPress versions up to, and including, 1.2.1 Description: The issue allows authenticated attackers with administrator-level permissions and above to inject arbitrary web scripts in pages due to insufficient input...