26 matches found
CVE-2023-40556
Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
CVE-2023-40560
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
EUVD-2023-45127
Malicious code in bioql PyPI...
EUVD-2023-45131
Malicious code in bioql PyPI...
CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS
The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...
CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS
The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...
WordPress plugin Advanced Schedule Posts 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...
WordPress Advanced Schedule Posts Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Schedule Posts Type Plugin Vulnerable versions = 2.1.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0249 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 858b382898f4 Credits Krzysztof...
Advanced Schedule Posts <= 2.1.8 - Reflected XSS
Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins. PoC...
Advanced Schedule Posts <= 2.1.8 - Reflected XSS
Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...
CVE-2023-40556
Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
CVE-2023-40556
Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
CVE-2023-40556 WordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
CVE-2023-40556 WordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
CVE-2023-40556
Summary: CVE-2023-40556 is a CSRF vulnerability in the WordPress plugin “Schedule Posts Calendar” by Greg Ross, affecting versions
WordPress Plugin Schedule Posts Calendar Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2023-27509 · WordPress · Greg Ross Schedule Posts Calendar
Name of the Vulnerable Software and Affected Versions: Greg Ross Schedule Posts Calendar plugin versions = 5.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user i...
CVE-2023-40560
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...
CVE-2023-40560
CVE-2023-40560 is an authenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Schedule Posts Calendar, affecting versions