EUVD-2024-34144

Malicious code in bioql PyPI...

CVE-2022-2538

The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting...

WordPress plugin WP Hide & Security Enhancer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress WP Hide & Security Enhancer plugin <= 2.5.1 - Missing Authorization to Unauthenticated Arbitrary File Contents Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary File Contents Deletion vulnerability discovered by mikemyers in WordPress Plugin WP Hide Security Enhancer versions = 2.5.1...

CVE-2022-2538

The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting...

CVE-2022-2538

The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting...

Cross site scripting

The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting...

CVE-2022-2538

The CVE-2022-2538 entry corresponds to the WP Hide & Security Enhancer WordPress plugin. Affected: versions prior to 1.8. Root cause: the plugin does not escape a parameter before outputting it back in an attribute of a backend page, producing a Reflected Cross‑Site Scripting (XSS) vulnerability....

WordPress plugin WP Hide & Security Enhancer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WP Hide & Security Enhancer < 1.8 - Reflected Cross-Site Scripting

The plugin does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting PoC http://example.com/wp-admin/admin.php?page=wp-hide-cdn=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28/XSS/%29+x...

WordPress Security Enhancer plugin arbitrary file upload vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An arbitrary file upload vulnerability exists in the WordPressSecurity Enhancer plugin. An attacker can exploit this...

WordPress WP Hide And Security Enhancer Plugin Arbitrary File Download

An arbitrary file download vulnerability exists in Wordpress WP Hide & Security Enhancer Plugin. Successful exploitation of this vulnerability by sending a specially crafted HTTP request would allow a remote attacker to gain access to arbitrary files...

WordPress WP Hide Security Enhancer Plugin <=1.3.9.2 - Arbitrary File Download Vulnerability

WordPress WP Hide Security Enhancer Plugin below 1.3.9.2 is vulnerable to arbitrary file download. This vulnerability allows an attacker to download any file from the victim web site. Solution Update plugin to v1.4.1...