WordPress plugin WP Delicious 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Banco Guayaquil v8.0.0 iOS - Cross Site Web Vulnerability

Document Title: =============== Banco Guayaquil v8.0.0 iOS - Cross Site Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2315 Release Date: ============= 2022-01-21 Vulnerability Laboratory ID VL-ID: ====================================...

CVE-2021-31803

cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...

CVE-2021-31803

cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...

Design/Logic Flaw

cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...

CVE-2021-31803

cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...

CVE-2021-31803

CVE-2021-31803 affects cPanel prior to 94.0.3, enabling a self‑XSS via the EasyApache 4 Save Profile (SEC-581). The issue lies in saving a configuration file without adequately filtering user input, allowing an attacker to inject JavaScript. Affected component/flow is the EasyApache 4 Save Profil...

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

Exploit Title: Plugin Buddypress Xprofile Custom Fields Type 2.6.3 RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/ Software Link: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/...