14 matches found
EUVD-2024-33585
Malicious code in bioql PyPI...
CVE-2024-10527
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
CVE-2024-10527
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
CVE-2024-10527 Spacer <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Limited Information Disclosure
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
CVE-2024-10527 Spacer <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Limited Information Disclosure
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
CVE-2024-10527
CVE-2024-10527 affects the Spacer WordPress plugin. The vulnerability results from a missing capability check in the motech_spacer_callback() function across all versions up to and including 3.0.7. This allows authenticated users with Subscriber-level access and above to view limited settings inf...
CVE-2024-10527
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
WordPress plugin Spacer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2022-3618
The Spacer WordPress plugin before 3.0.7 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...
WordPress plugin Spacer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Spacer version 3.0.7 or earlier has a cross-site scripting vulnerability that can be...
CVE-2022-3618 Spacer < 3.0.7 - Admin+ Stored XSS
The Spacer WordPress plugin before 3.0.7 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...
PT-2022-23246 · WordPress · Spacer
Name of the Vulnerable Software and Affected Versions: Spacer WordPress plugin versions prior to 3.0.7 Description: The issue allows high-privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in a...
CVE-2022-3618
The Spacer WordPress plugin before 3.0.7 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...
WordPress Spacer plugin <= 3.0.6 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by gem in WordPress Spacer plugin versions = 3.0.6. Solution Update the WordPress Spacer plugin to the latest available version at least 3.0.7...