15 matches found
EUVD-2023-27769
Malicious code in bioql PyPI...
EUVD-2023-28454
Malicious code in bioql PyPI...
CVE-2023-23682
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-24398
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2023-23682
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-23682
CVE-2023-23682 is an admin+ Stored XSS vulnerability in EZP Maintenance Mode (WordPress plugin) up to version 1.0.1. The issue stems from insufficient sanitization of plugin settings, enabling stored XSS in the admin context. Public details in the provided sources confirm the vulnerability and CV...
CVE-2023-23682 WordPress EZP Maintenance Mode Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-23682 WordPress EZP Maintenance Mode Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Maintenance Mode plugin = 1.0.1 versions...
CVE-2023-24398
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2023-24398
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
CVE-2023-24398
CVE-2023-24398 affects the WordPress EZP Coming Soon Page plugin prior to version 1.0.7.4 (<=1.0.7.3). The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) in the plugin. Root cause: stored XSS under admin privileges, allowing injection that could affect site visito...
CVE-2023-24398 WordPress EZP Coming Soon Page Plugin <= 1.0.7.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Snap Creek Software EZP Coming Soon Page plugin = 1.0.7.3 versions...
Old WordPress Plugin Being Exploited in RCE Attacks
Researchers are warning that attackers are abusing a vulnerability in WordPress site admins’ outdated versions of a migration plugin called Duplicator – allowing them to execute remote code. Made by Snap Creek Software, all Duplicator plugins earlier than version 1.2.42 are vulnerable to the...