47 matches found
EUVD-2017-7990
Malware in sbrugna...
EUVD-2023-27769
Malicious code in bioql PyPI...
EUVD-2023-28454
Malicious code in bioql PyPI...
CVE-2023-23682
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-24398
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2018-17207
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution...
CVE-2020-11738
The Snap Creek Duplicator plugin before 1.3.28 for WordPress and Duplicator Pro before 3.8.7.1 allows Directory Traversal via ../ in the file parameter to duplicatordownload or duplicatorinit...
WordPress Duplicator File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...
WordPress Duplicator 4.0.5 Backup DIsclosure
==================================================================================================================================== | Title : WordPress - Duplicator 4.0.5 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
WordPress Duplicator 4.0.2 Backup Disclosure
==================================================================================================================================== | Title : WordPress - Duplicator 3.8.0.2 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...
CVE-2023-23682
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-23682 WordPress EZP Maintenance Mode Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-23682
CVE-2023-23682 is an admin+ Stored XSS vulnerability in EZP Maintenance Mode (WordPress plugin) up to version 1.0.1. The issue stems from insufficient sanitization of plugin settings, enabling stored XSS in the admin context. Public details in the provided sources confirm the vulnerability and CV...
CVE-2023-23682 WordPress EZP Maintenance Mode Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-24398
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2023-24398
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2023-24398 WordPress EZP Coming Soon Page Plugin <= 1.0.7.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2023-24398
CVE-2023-24398 affects the WordPress EZP Coming Soon Page plugin prior to version 1.0.7.4 (<=1.0.7.3). The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) in the plugin. Root cause: stored XSS under admin privileges, allowing injection that could affect site visito...